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J Sir: 

"j In response to the Decision to Merge Reexamination and Reissue Proceedings, dated 

'J March 14, 2001, which requires filing of this housekeeping Amendment in order to place the 
J same amendments in all three cases (90/005,773 & 90/005,76 and 09/694,416, respectfully), the 
^ amendment, to the specification and claims, and remarks as filed concurrently with the Reissue 
J Application on October 20, 2000, are dupUcated herein below. Please amend the above- 
-t referenced patent and consider the remarks as hereafter provided: 

t Jn the Specification other than Claims: 

Replace the paragraph beginning at column (hereafter ''col. i, line 4 with the 
following: 

This application claims the benefit of U,S. Provisional Application No. 
60/033,271 for PUBLIC KEY CRYTOGRAPfflC APPARATUS AND METHOD, filed 
Dec. 9, 1996, naming as inventors, Thomas [Colins] Collins , Dale Hopkins, Susan 
Langford and [Michale] Michael Sabin, the [discolsure] disclosure of which is 
incorporated by reference. 



Replace the paragraph beginning at coL 7, line 64 with the following: 
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The RSA scheme capitalizes on the relative ease of creating a composite number 
from the product of two prime numbers whereas the attempt to factor the composite 
number into its constituent primes is difficult. The RSA scheme uses a public key E 
comprising a pair of positive integers n and e, where n is a composite number of the form 

n^p-q (1) 

where p and q are different prime numbers, and e is a number relatively prime to (p-1) 
and (q-1); that is, e is relatively prime to (p-1) or (q-1) if e has no factors in common with 
either of them. Importantly, the sender has access to n and e, but not to p and q. The 
message M is a number representative of a message to be transmitted wherein 

0<M<n-l. (2) 

The sender enciphers M to create ciphertext C by computing the exponential 

[C^MHmoA nS\ C= "tood n\ (3) 

Replace the paragraph beginning at col 2, line 19 with the following: 

The recipient of the ciphertext C retrieves the message M using a (private) 
decoding key D, comprising a pair of positive integers d and n, employing the relation 

[M=C^ (mod n)] C^M^jmo^n) (4) 

As used in (4), above, d is a multipUcative inverse of 

e(mod(lcm((p.l), (^-1)))) (5) 

so that 

[e-c/=l(mod(lcm((p-l), {q-l))))] e-d^ l(mod(lcm(fa-n. (g-1)))) (6) 

where lcm((p-l), (q-1)) is the least common multiple of numbers p-1 and q-1. Most 
commercial implementations of RSA employ a different, although equivalent, 
relationship for obtaining d: 

[d=e^ mod(p-l) (9-1)] d^e^ mod((p-lVfg-nV (7) 

This alternate relationship simplifies computer processing. 
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Replace the paragraph beginning at col 3, line 23 with the following: 

It is still another object of this invention to provide a system and method for 
implementing an RSA scheme in which the [components] factors of n do not increase in 
length as n increases in length. 

Replace the paragraph beginning at col. 3, line 27 with the following: 

It is still another object to provide a system and method for utilizing multiple 
(more than two), distinct prime number [components] factors to create n. 

Replace the paragraph beginning at col 5, line 36 with the following: 

The present invention discloses a method and apparatus for increasing the 
computational speed of RSA and related public key schemes by focusing on a neglected 
area of computation inefficiency. Instead of n=p q, as is universal in the prior art, the 
present invention discloses a method and apparatus wherein n is developed from three or 
more distinct random prime nimibers; i.e., n=prp2 . . pk, where k is an integer greater 
than 2 and pi, p2v . . pk are sufficiently large distinct random primes. Preferably, 
"sufficiently large primes" are prime niunbers that are numbers approximately 150. digits 
long or larger. The advantages of the invention over the prior art should be immediately 
apparent to those skilled in this art. If, as in the prior art, p and q are each on the order of, 
say, 150 digits long, then n will be on the order of 300 digits long. However, three primes 
pi, p2 and p3 employed in accordance with the present invention can each be on the order 
of 100 digits long and still result in n being 300 digits long. Finding and verifying 3 
distinct primes, each 100 digits long, requires significantly fewer computational cycles 
than finding and verifying 2 primes each 150 digits long. 

Replace the paragraph beginning at col 3, line 56 with the following: 

3 

SV/202692.01 
04042001/16:26/20206.14 



^^ttomey Docket No.: 20206-126 
Reexamination 1 

The commercial need for longer and longer primes shows no evidence of slowing; 
already there are projected requirements for n of about 600 digits long to forestall 
incremental improvements in factoring techniques and the ever faster computers available 
to break ciphertext. The invention, allowing 4 primes each about 150 digits long to obtain 
a 600 digit n, instead of two primes about [350] 300 digits long, results in a marked 
improvement in computer performance. For, not only are primes that are 150 digits in 
size easier to find and verify than ones on the order of [350] 300 digits, but by applying 
techniques the inventors derive from the Chinese Remainder Theorem (CRT), public key 
cryptography calculations for encryption and decryption are completed much faster-even 
if performed serially on a single processor system. However, the inventors* techniques are 
particularly adapted to [be] advantageously apply [enable] RSA public key cryptographic 
operations to parallel computer processing. 



Replace the paragraph beginning at coL 4, line 6 with the following: 

The present invention is capable of [using] extending the RSA scheme to perform 
encryption and decryption operation using a large (many digit) n much faster than 
heretofore possible. Other advantages of the invention include its employment for 
decryption without the need to revise the RSA public key encryption transformation 
scheme currently in use on thousands of large and small computers. 

Replace the paragraph beginning at col 4, line 13 with the following: 

A key assumption of the present invention is that n, composed of 3 or more 
sufficiently large distinct prime numbers, is no easier (or not very much easier) to factor 
than the prior art, two prime number n. The assumption is based on the observation that 
there is no indication in the prior art literature that it is "easy" to factor a product 
consisting of more than two sufficiently large, distinct prime numbers. This assumption 
may be justified given the continued effort (and failure) among experts to find a way 
"easily" to break large [component] composite niunbers into their large prime factors. 
This assumption is similar, in the inventors' view, to the assumption underlying the entire 
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field of public key cryptography that factoring composite numbers made up of two 
distinct primes is not "easy." That is, the entire field of public key cryptography is based 
not on mathematical proof, but on the assumption that the empirical evidence of failed 
sustained efforts to find a way systematically to solve NP problems in polynomial time 
indicates that these problems truly are "difficult." 



Replace the paragraph beginning at col 4, line 32 with the following: 

The invention is preferably implemented in a system that employs parallel 
operations to perform the encryption, decryption operations required by the RSA scheme. 
Thus, there is also disclosed a cryptosystem that includes a central processor, unit (CPU) 
coupled to a number of exponentiator elements. The exponentiator elements are special 
purpose arithmetic units designed and structured to be provided message data M, an 
encryption key e, and a number n (where [n=pi *P2 * ■ . . pk] ^~ PyPz' . . ^ pk . k being 
greater than 2) and retum ciphertext C according to the relationship, 

[C=M" fmodfa^^] (mod n\ 

Replace the paragraph beginning at col, 4, line 45 with the following: 

Alternatively, the exponentiator elements may be provided the ciphertext C, a 
decryption (private) key d and n to retum M according to the relationship, 



Replace the paragraph beginning at coL 4, line 50 with the following: 

According to this decryption aspect of the invention, the CPU receives a task, 
such as the requirement to decrypt [cyphertext] ciphertext data C. The CPU will also be 
provided, or have available, a [public] private key [e] d and n, and the factors of n (pi, p2, 
. . . Pit). The CPU breaks the [encryption] decryption task down into a number of sub- 
tasks, and delivers the sub-tasks to the exponentiator elements. [When the] The results of 
the sub-tasks are retumed by the exponentiator elements to the CPU which [will], using a 
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form of the CRT, combines the results to obtain the message data M. An encryption task 
may be performed essentially in the same manner by the CPU and its use of the 
exponentiator elements. However, usually the factors of n are not available to the sender 
(encryptor), only the public key, e and n, so that no sub-tasks are created. 



Before the paragraph beginning at col 5, line 52, insert the following paragraph: 

Alternatively, a message data M can be encoded with the private key to a signed 
message data Mc using a relationship of the form 

m\ sM^(modw), 

The message data M can, be reproduce from the signed message data Mg bv decoding the 
signed data with the pubhc key, using a relationship of the form : 

MsM/(mod«). 



Replace the paragraph beginning at col 5, line 30 with the following: 

According to the present invention, the public key portion e is picked. Then, three r 
or more random large, distinct prime numbers, pi, p2, ...» Pk are developed and checked 
to ensure that each (pt-1) is relatively prime to e. Preferably, the prime numbers are of 
equal length. Then, the product [n=pi, p2, . . . , pk] n= Pi^Pr • - - Ph is computed. 

Replace the paragraph beginning at col 5, line 36 with the following: 

Finally, the decryption [key] exponent , d, is established by the relationship: 

[d^e' mod ((pi -1) (p2 -I) . . . (pk -1))] e' mod (( p^ -l yjp, -!)■ . . rj p^^ 
l)\ or equivalently 

d= e^ mod (lcm(fpi -1), (pi -1), . . . (pk -l))) 
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Replace the paragraph beginning at coL 5, line 41 with the following: 

The message data, M is encrypted to ciphertext C using the relationship of (3), 



Replace the paragraph beginning at col 5, line 46 with the following: 

To decrypt the ciphertext, C, the relationship of [(3)] above, is used: 
[M=C^ mod n] AfeC^ (mod «) 
where n and d are those values identified above. 

Replace the paragraph beginning at col 5, line 52 with the following: 

Using the present invention involving three primes to develop the product n, RSA 
encryption and decryption time can be substantially less than an RSA scheme, using two 
primes by dividing the encryption or decryption task into sub-tasks, one sub-task for each 
distinct prime. (However, breaking the encryption or decryption into subtasks requires 
knowledge of the factors of n. This knowledge is not usually available to anyone except 
the owner of the key, so the encryption process can be accelerated only in special cases, 
such as encryption for local storage. A system encrypting data for another user performs 
the encryption process according to (3), independent of the number of factors of n. 
Decryption, on the other hand, is performed by the owner of a key, so the factors of n are 
generally known and can be used to accelerate the process.) For example, assume that 
three distinct primes, pi, p2, and p3, are used to develop the product n. Thus, decryption of 
the ciphertext, C, using the relationship 



above, i.e., 



[C=M" mod n.] C^MUmoAn) 



[M=C^(mod «)] M=cUmoAn^ 



is used to develop the decryption sub-tasks: 



[Ml ^Cx""' mod px] Ml=-Cu 



^noiei) 



[Ml =C/^ mod pi] M2 _^C{UmoAp 2) 
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[M3 ^C^"' mod 773] M^ ^C{HmoAp^ 

where 

[Ci =Cmod j7i;] Ci= C (mod 
[C2 =Cmod ;72;] gi^C (mod/?2 ); 
[C3 ==Cmodp3 ;] Cj _^C( mod ;? 3}; 
[Ji =rfmod (pi -1)] (mod (pijvU); 
[d2 =<imod (;?2 -1)] ^2 .= ^ (mod (pi -l^Y and 
[£/3 =c3&nod (p3 -1)] ^i.=^Jto2dig3-dja. 

Replace the paragraph beginning at coL 6, line 24 with the following: 

The resuhs of each sub-task, Mi, M2, and M3 can be combined to produce the 
plaintext, M, by a number of techniques. However, it is found that they can most 
expeditiously be combined by a form of the Chinese Remainder Theorem (CRT) using, 
preferably, a recursive scheme. Generally, the plaintext M is obtained from the 
combination of the individual sub-tasks by the following relationship: 

Y; = M(M i -y^ ) (wC^ (mod p^y\ (mod p^\ Wj fmod [Y^ =Yi.x +[(M/ -Yt, 
i) {wi^ mod /?,)mod pj-w/ mod «] 

where [i >2] 2< i <k where k is the number of prime factors of n, and 
M=yfe 7i=Ci,««JwpfI pj 

Encryption is performed in much the same manner as that used to obtain the plaintext M, 
provided (as noted above) the factors of n are available. Thus, the relationship 

[C^M' (mod n)] C^ MUmodn\ 

can be broken down into the three sub-tasks, 
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[Ci =Mi"^ mod px] C, =M,''imodp,) , 
[Ci =M2^ mod p2] Q = M/^ (mod p^ ) 
[Cs =M/^mod;?5] C3 =M;'{modp,), 

where 

[Ml =M(mod pi)] Mi^M(modpi), 
[Ml =A/(mod /?2)] Mi^M fmod j?2 ^, 
[M3 =M(mod /?3)] Mi=M{modpi) . 
[ex =emod (pi -1)] ei ^emodip ^ -W 

[ei =emod (p2 -1)1 ^2 = ^ (Pz "1^ - 
[es =emod (p^-l)] e i^emodip^^-lX 

Replace the paragraph beginning at col 5, line 65 with the following: 

In generalized form, the ciphertext C (i.e., [decrypted] encrypted message M) can 
be obtained by [the same sxmmiation] a recursive scheme as identified above to obtain the 
ciphertext C from its contiguous constituent sub-tasks Q. 




Replace the paragraph beginning at col 7, line 1 with the following: 

Preferably, the recursive CRT method described above is used to obtain either the 
ciphertext[,] C[,] or the deciphered plaintext (message) M due to its speed. However, 
there may be [occasions] implementations when it is beneficial to use a non-recursive 
technique in which case the following relationships are used: 

k k 
M= ^ Mi (w{^ (mod jpAV Wi (mod n) [M == ^ Mi (wi~^ mod pi) Wi mod 
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where 

[Wi = Yl Pj] ^i^Yl and 
k is the number (3 or more) of distinct primes chosen to develop the product n. 

Replace the paragraph beginning at col 7, line 1 7 with the following: 

Thus, for example above (k=3), M is constructed from the returned sub-task 
values Ml, M2, M3 by the relationship 

[M-Mi (w\'^ mod Pi) wi mod/w+M2 {wz^ mod P2) wz mod n + 

M3 (>V3'* mod P3) >V3 mod n] M^M ^Jm '^ (mod p y ))- w ^ (mod n) 

+ Mo (wi^ (mod pi))' wi (mod n) 

+ Ml (wi^ (mod pii\' w^ ^ (mod n\ 

where 

H'l ='P^p^y W2 =pi jE>3, and W3 =p\ pi. 

Replace the paragraph beginning at col 7, line 52 with the following: 

The I/O bus 30 communicatively connects the CPU to a number of exponentiator 
elements [32a, 32b, and 32n] 32a. 32b md 32c . Shown here are three exponentiator 
elements, although as illustrated by the "other" exponentiators [32r,]32n. additional 
exponentiator elements c^ be added. Each exponentiator element is a state machine 
controlled arithmetic circuit structured specifically to implement the relationship 
described above. Thus, for example, the exponentiator 32a would be provided the values 
Ml, ei, and pi[, n] to develop Ci. Similarly, the exponentiator circuits 32b and 32c 
develop C2 and C3 from corresponding subtask values M2, e2, [PajCi, M3, 63, and [P3]C3' 

Replace the paragraph beginning at col. 8, line 1 with the following: 
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In order to ensure a secure environment, it is preferable that the cryptosystem 10 
meet the Federal Information [Protection System] Processing Standard (FIPS) 140-1 level 
3. Accordingly, the elements that make up the CPU 14 would be implemented in a design 
that will be secure from external probing of the circuit. However, infonnation 
commimicated on the I/O bus 30 between the CPU 14 and the exponentiator circuits 32 
(and external memory 34—if present) is exposed. Consequently, to maintain the security 
of that information, it is first encrypted by the DES unit 24 before it is placed on the I/O 
bus 30 by the CPU 14. The exponentiator circuits 32, as well as the external memory 34, 
will also include similar DES units to decrypt information received from the CPU, and 
later to encrypt information returned to the CPU 14. 



Replace the paragraph beginning at col 8, line 52 with the following: 

In similar fashion, information is conveyed to or retrieved from the exponentiators 
32 by the processor 20 by write or read operations at addresses within the address range 
44, Consequently, writes to the exponentiators 32 will use the DES imit 24 to encrypt the 
information. When that (encrypted) information is received by the exponentiators 32, it is 
decrypted by on-board DES units (of each exponentiator 32). The result[s] of the task 
performed by the exponentiator 32 is then encrypted by the exponentiator's on-board 
DES unit, retrieved by the processor 20 in encrypted form and then decrypted by the DES 
unit 24. 



Replace the paragraph beginning at col 9, line 24 with the following: 

Assume, for the purpose of the remainder of this discussion, that the 
encryption/decryption tasks performed by the cryptosystem 10, using the present 
invention, employs only three distinct primes, pi, p2, p3. The processor 20 will develop 
the sub tasks identified above, using M, e, pi p2, pa Thus, for example, if the 
exponentiator 32a were assigned the sub-task of developing Ci, the processor would 
develop the values Mi[,] an^ ei[, and (pi -1)] and deliver [units] (write) these values, with 
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[n]pi, to the exponentiator 32a. Similar values will be developed by the processor 20 for 
the sub-tasks that will be delivered to the exponentiators 32b and 32c. 

Replace the paragraph beginning at col 10, line 15 with the following: 

Alternatively, the [postj host -system 50 may desire to deliver, via the 
communication medium 60, an encrypted commxmication to one of the stations 64. If the 
communication is to be encrypted by the DES scheme, with the DES key encrypted by 
the RSA scheme, the host system would encrypt the communication, forward the DES 
key to one of the cryptosystems 10 for encryption via the RSA scheme. When the 
encrypted DES key is received back from the cryptosystem 10, the host system can then^ 
deliver to one or more of the stations 64 the encrypted message. 

Replace the paragraph beginning at col 10, line 25 with the following: 

Of course, the host system 50 and the stations 64 will be using the RSA scheme of 
pubUc key encryption/decryption. Encrypted commimications from the stations 64 to the 
host system 50 require that the stations 64 have access to the public key [E (E, N)] E=(e. ^ 
n) while the host system maintains the private key [D (D, N,] D=(d. n) and the constituent 
primes, pi, p2, . . . , Pk). Conversely, for secure commimication from the host system 50 to 
one or more of the stations 64, the host system would retain a pubUc key E' for each 
station 64, while the stations retain the corresponding private keys [E'] D!. 

Replace the paragraph beginning at col 10, line 35 with the following: 

Other techniques for encrypting the communication could used. For example, the 
communication could be entirely encrypted by the RSA scheme. If, however, the 
message to be communicated[ion] is represented by a numerical value greater than n-1, it 
will need to be broken up into blocks size M where 

[0<M<N-1] 0<M<nA . 
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In the Claims 

Amend claims 1-13 (following the format o f the claims as presented herein, including 
insertion of new lines and indentations where applicable), and add new claims 14-61 as follows: 

1. (Amended) A method [for estabhshing] of processing a message for use in cryptographic 
conunimications comprising the steps of: 

developing a composite number. n> as a product ofpi^pi-, > ■ where k is an integer greater 
than 2. and p i , p? pv are distinct random prime numbers: and 

encoding a plaintext message word signal M to a ciphertext word signal C, where M corresponds 
to a number representative of [a] the message and . ; : 

0<M<«-U 

[n being a composite number formed from the product of prp2-. - . .-pk where k is an 
integer greater than 2, pi, pa, . . . Pk are distinct prime numbers, and] where C is a.number 
representative of an encoded form of the plaintext message word signal M such that 

(mod n\ and [, wherein said encoding step comprises the step of: „ . 

triansforming said message word signal M to said ciphertext word signal C whereby 

C=M^(mod«)] 

where e is a number relatively prime to (pi -l)-(p2 -l V...*(p v-l). 

2. (Amended) The method according to claim 1, comprising the further step of: 
establishing a number, d. as a multiplicative inverse of 

g(mod(lcm((px A)Jpi'V\ (pv -ViSW and 

decoding the ciphertext word signal C to the plaintext message word signal M[, wherein said 
decoding step comprises the step of: transforming said ciphertext word signal C] 
where[by:] 

[M=C'^ (mod «)] M^C^ (mod 
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[where d is a multiplicative inverse of e(mod(lcm({pi -1), (p2 -1 ),..., (pk - 1 ))))]- 

3. (Amended) A method [for transferring] of processing a message signal Mi for use in a 
commimications system having j terminals, [wherein] each terminal [is] being characterized by 
an encoding key Ei =(ei, nj) and decoding key Di ={di, Ui), where i=l, 2, . . . , j, and [wherein] the 
message signal Mi [corresponds] corresponding to a number representative of a message-to-be- 
transmitted from the i^*' terminal, the method comprising the steps of: 

computing ni where ni is a composite niunber of the form : i . 

[ni =Pi,i -pi^ . . . ,-pi,k] nj^i^^jgi^ . > > ,Pi^ : ' 

where k is an integer greater than 2, 

Pi,h Pi^? * • • > pi,k are distinct random prime numbers, 

eiis relatively prime to [lcm(pi,i -1, pi^ -1, pi,k -1)] Icmip n -l^Piz -I.... -1>. and 

di is selected from the group consisting of the class of numbers equivalent to a 
multiplicative inverse of * 

ei (mod(lcm((pt,i -1), (pia -1), * - • , (PiM -!))));[. 
comprising the step of:] 

encoding a digital message word signal [MaJMi for transmission from a first terminal (i=i[A]) to 
a second terminal (i=2[B]), said encoding step including the sub-step of; 

transforming said message word signal [Ma]Mi to one or more message block word signals 
[MA"]Mi", each block word signal [Ma^JMi" corresponding to a number representative 
of a portion of said message word signal [MaJMi in the range 0< Ma" <n2-l [0< Ma" 

-1], 

transforming each of said message block word signals [Ma'^Mi" to a ciphertext word signal [Ca, 
Ca corresponding] & that corresponds to a number representative of an encoded form of 
said message block word signal [Ma"]Mi"[J where[by:] 

[Ca^Ma " (mod hb)] C^M^ (mod/ij . 
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4. (Amended) A cryptographic communications system comprising: 

a communication [medium] channel adapted for transmitting a ciphertext word signal C that 
relates to a transmit message word signal M : 

[an ]encoding means coupled to said channel and adapted for transforming [a] ^ transmit 
message word signal M to [a] the ciphertext word signal C using a composite number, n, , 
where n is a product of the form 

n=pypi' 'pv 

k is an integer greater than 2. and . . - - 

p^ . p2 P i : are distinct random prime numbers [and for transmitting C on said channel], 

where the transmit message word signal M corresponds to a number representative of a. 
message and 

0< M < n-1 [where n is a composite number of the form 

where k is an integer greater than 2 and pi, p2, . . . , Pk are distinct prime numbers, and] 

where the ciphertext word signal C corresponds to a number representative of an 
[enciphered] encoded form of said message through a relationship of the form[ and corresponds 
to] 

C=M^ (mod n \ and 

where e is a niunber relatively prime to lcm(pl -1, p2 -1, . . . , pk -1); and 

[a ]decoding means coupled to said channel and adapted for receiving the ciphertext word signal 
C from said channel and for transforming the ciphertext word signal C to a receive 
message word signal M' where M' corresponds to a nxmiber representative of a 
[deciphered] decoded form of the ciphertext word signal C [and corresponds to] through 
a relationship of the form 

^r^.C^(mod n) 
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where d is selected from the group consisting of [the] a class of numbers equivalent to a 
multiplicative inverse of 

e(mod(lcm((pi -1), {pi -1), . . . , (pk -1)))). 



5. (Amended) A cryptographic communications system having a plurality of terminals coupled 
by a communications channel, [including] comprising: 

a first terminal of the plurality of terminals characterized by an [associated] encoding key 
Ea =(eA, Ha) and a decoding key Da =(dA, Ha), 

where[in] nA is a composite number of the form ^ 
where 

k is an integer greater than 2, 

Pa,i, Pa^, . - . , PA,k are distinct random prime numbers, 

eA is relatively prime to 

\cm{pAj -1, Pa,2 -1, . . . , PA,k -1), and 

dA is selected from the group consisting of the class of numbers equivalent to a 
multiplicative inverse of 

ca (mod(lcm((/?A,i -1), (Pa,2 -1), . - - , (PA,k -1)))); and[,] 

[and including ]a second terminal of the plurality of terminals having [, comprising:] 

blocking means for transforming a first message,[-to-be-transmitted] which is to be 

transmitted on said communications channel from said second terminal to said 
first terminal^ to one or more transmit message word signals Mb, where each Mb 
corresponds to a number representative of said message in the range 

0<MB<nA-\, 

encoding means coupled to said channel and adapted for transforming each transmit 

message word signal Mb to a ciphertext word signal Cb tiiat [and for transmitting 
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Cb on said channel, where Cb] corresponds to a number representative of an 
[enciphered] encoded form of said first message [and corresponds to] through a 
relationship of the form 

[Cb ^Mb'"^ (mod ha)] ^ M/^ (mod« J, 

[wherein ]said first terminal having [comprises:] 

decoding means coupled to said channel and adapted for receiving said ciphertext word 
signals Cb fi:om said channel and for transforming each of said ciphertext word 
signals £b to a receive message word signal [Mb]M'b, and 

means for transforming said receive message word signal[s] [M*]M b to said first 
message, where [M']M'b [is] corresponds to a number representative of a 
[deciphered] decoded form of Cb [and corresponds to] through a relationship of 
the form 

[M^'^/'' (mod Ha)] M'^ = C/' (mod«^ ) . 



6. (Amended) The system according to claim 5 wherein said second terminal is characterized by 
an [associated] encoding key [E^ =(e5, nR^jE p =(eg, and a decoding key [DB==(Db, d5)]DB 
WdR, n p). where[: 

] nB is a composite number of the form 

ItB ~J>BXPB,r . • *'PB,k 

where k is an integer greater than 2, 

PBi ' PH2- • ■ ■ P b± [Pb,15 Pb;2, • • . PB,k] are distinct random prime numbers, 
eB is relatively prime to 
\cmipB,\-\,pB,2-\,' . .;?5.rl),and 

dB is selected fi:om the group consisting of [the] a class of numbers equivalent to a 
multiplicative inverse of 

eB (mod(lcm((p5,izl), ipB.2 -1), - . . , ipB.k -1)))), 
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[wherein ]said first terminal [comprises:] further having 

blocking means for transforming a second message,[-to-be-transmitted] which is to be 
transmitted on said conmiunications channel fi-om said first terminal to said 
second terminal, to one or more transmit message word signals Ma, where each 
Ma corresponds to a number representative of said message in the range 

[0< Ma'^ (mod Ub)] Q<MA<nB=l 

encoding means coupled to said channel and adapted for transforming each transmit 

message word signal Ma to a ciphertext word signal Ca and for transmitting Ca 
on said channel, [ 

Jwhere Ca corresponds to a number representative of an encoded[enciphered] 
form of said second message [and corresponds to] through a relationship of the 
form 



[wherein] said second terminal [comprises;] further having 

decoding means coupled to said channel and adapted for receiving said ciphertext word 
signals Ca fi'om said channel and for transforming each of said ciphertext word 
signals to a receive message word signal [Ma*]M'aj and 

means for transforming said receive message word signals [Ma]M a to said message, [ 



7. (Amended) A method [for establishing] of processing a message for use in cryptographic 
communications^, comprising the steps of: 

developing a composite number, n. as a product of at least 3 whole number factors greater than 
one, the factors being distinct random prime numbers: and 



[Ca^Ma'^ (mod ns)] ^ M/' 



(modw^) 



]where [M*] Ma corresponds to a number representative of a [deciphered] 
decoded form of Ca [and corresponds to] through a relationship of the form 

[Ma'^Ca"^^ (mod hb)] M\ ^ C/' (modw^) . 
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encoding a digital message word signal M to a [cipher text] ciphertext word signal C, where said 
digital message word signal M corresponds to a nximber representative of a message and 

0<M<n-l, 

[where n is a composite number having at least 3 whole nimiber factors greater than one, the 
factors being distinct prime numbers, and] 

where said ciphertext word signal C corresponds to a number representative of an 
encoded form of said message [word M,] through a relationship of the form 

^wherein said encoding step comprises the step of: 

transforming said message word signal M to said ciphertext word signal C whereby] 

C= Ue M" +ae.\ M^'^ +. . . +ao (mod n) 

where e and ae, ac-i, ao are numbers. 

8. (Amended) [In the] A method according to claim 7 wherein said encoding step further . 
includes the step of 

transforming said digital message word signal M to said cipertext word signal C by the 
performance of a first ordered succession of inveritble operations on M, [the 
further step of:] 

and wherein the method further comprises the step of: 

decoding said cipertext word signal C to said digital message word signal M by the performance 
of a second ordered succession of invertible operations on C, where each of the invertible 
operations of said second ordered succession is the inverse of a corresponding one of said 
first ordered succession, and where[in] the order of said invertible operations in said 
second ordered succession is reversed with respect to the order of corresponding 
invertible operations in said first ordered succession. 



9. (Amended) A communication system for [transferring] processing message signals [Mj], 
comprising: 
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[ Ij terminals including first and second terminals [stations], each of the j [stationsj terminals 
being characterized by an encoding key Ei =(ei, ni) and decoding key Di =(di, ni)[ ], where 
i=l,2, . . . j, [and wherein 

Mi^corresponds to a number representative of a message signal to be transmitted fi:'om the 
i terminal,] each of the j terminals being adapted to transmit a particular one of the 
message signals where an i^^ terminal corresponds to an i^^ message signal M i, and 

0<Mi<niA, 

ni [is] being a composite number of the form 

[«/ ^'PkJpu ' ' Pa] ni =Pu:^i2 ■ ' p\A 

where r 
k is an integer greater than 2, 
Pi,\y Vi^y • • * are distinct random prime numbers, 
Ci is relatively prime to 
lcm(p,;i-l,/7/,2-l, . - and 

di is selected firom the group consisting of the class of numbers equivalent 

to a multipUcative inverse of 

ei (mod(lcm((pi,i -1), (pu -1), . . , , (pi^^ -1)))); 

said [a] first terminal [one of the j terminals] including _ i 

means for encoding a digital message word signal [Ma] Mi [for transmission] to be 
transmitted fi"om said first terminal (i=i[A]) to [a] said second terminal [one of the j terminals] 
(i=2[B]), said encoding means [for] transforming said digital message word signal [Ma]Mi to a 
signed message word signal [Mas] M u using a relationship of the form [, M^ corresponding to a 
number representative of an encoded form of said message word signal Ma, 

whereby:] 

[Mas ^M/"" rmod ha)] M,^ ^ M/^ (mod n, ) . 
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1 0. (Amended) The commimication system of claim 9 further comprising: 

means for transmitting said [signal] signed message word signal [Mas] Mis from said first 
terminal to said second terminal, [and wherein] 

said second terminal [includes] including 

means for decoding said signed message word signal [Mas] Mh to said digital message 

word signal [Ma,] M i using a relationship of the form [said second terminal 
including:] 

Mj =Mi/'(mod«i) 

[means for transforming said signed message word signal Mas to said message word 
signal Ma, whereby 

Ma =Mas"'' (mod Ha)]. 



1 1 . (Amended) A communications system for transferring a message signal [Mi], the 
communications system comprising: 

[ ]j communication stations including first and second stations, each of the j 
communication stations being characterized by an encoding key Ei=(ei,. ni) and ra „ 
decoding key Di =(di, Ui), where i=l, 2,. . . , j, [and wherein Mj corresponds to a number 
representative of a message signal to be transmitted from the i^^ terminal,] each of the j 
communication stations being adapted to transmit a particular one of the message signals 
where an i^ communication station corresponds to an i^^ message signal Mi. and 

0<Mi<m-\ 

n,- [is] being a composite nxmiber of the form 
where 

k is an integer greater than 2, 

Pi,i5 Pi^5 • . . ,Pi,k distinct random prime numbers, 

21 

SV/202692.01 
04042001/16:26/20206.14 





Ittomey Docket No.: 20206-126 
Reexamination 1 



Ci is relatively prime to lcm(pi,i -l,pi^ -1, . . . ,pi,k -1), ^id 

di is selected from the group consisting of the class of numbers equivalent to a 
multiplicative inverse of 

ei (mod(lcm((pi,i -1), {pi^2 -1), . . - > ipi,k -1))))* 
[a] said first station [one of the j communication stations] including 

means for encoding a digital message word signal [Ma] Mi [for transmission] to be 

transmitted from said first station [one of the j communication stations] (i=i[A]) 
to [a] said second station [one of the j communication stations] (i=2[B])5 

means for transforming said digital message word signal [Ma] Mi to one or more 

message block word signals [Ma'] Mi each block word signal [Ma*] Mu being a 
number representative of a portion of said message word signal [MA']Mi in the 
range 

0<Mi"<n2r l I0< Ma < ns -1], and . . 

means for transforming each of said message block word signals [Ma"] Mi" to a ' 

ciphertext word signal using a relatinship of the form [Ca , Ca corresponding 
to a nxmiber representative of an encoded form of said message block word signal 
Ma", whereby:] 



means for transmitting said ciphertext word signals Ci from said first [terminal] station to said 
second [terminal] station, [and] 

wherein said second [terminal] station includes 

means for decoding said ciphertext word signals to said message block word signals 



means for transforming each of said ciphertext word signals Ca to one of said message block 
word signals Ma", whereby 



[Ca ^Mj^r rmod w^)] C, ^ M\'' 



(modrtj) • 



12. (Amended) 



The conmiunications system of claim 1 1 further comprising: 



[MA] Mi ^" using a relationship of the form [. said second terminal including: 
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means for transforming said message block word signals [Ma"] Mi" to said message 
word signal [Ma]Mi- 

13. (Amended) [In a] A communications system, [including] comprising: 
a first station; and 

[and] a second [commxmicating] station[s inter] connected to the first station for communications 
therebetween, 

the first communicating station having 

encoding means for transforming a transmit message word signal M to a ciphertext word 
signal C where transmit message word signal M corresponds to a number 
representative of a message and 

0<M<nA 

{where] n [is] being a composite nxmiber formed as a product of [having] at least 
f 3 whole number factors greater than one, the factors being distinct iMdQm prime 
numbers, and 

where the ciphertext word signal C corresponds to a number representative of an 
[enciphered] encoded form of said message through a relationship of the form [and 
corresponds to] 

C= ae +ae.i M^'^ +. . . +ao (mod n) 

where e and ae, ae-i[-l], . . . , ao are numbers; and 

means for transmitting the ciphertext word signal C to the second [communicating] 
station. 
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New Claims: 

14. A method of processing a message for use in cryptographic communications comprising 
the steps of: 

selecting a public key portion e: 

developing k distinct random prime numbers, pu j?2- • • • P)^- where k >3, and checking that each 
of the k distinct random prime numbers minus L pi-\, po-X. . . . j?v-L is relatively prime 
to the public key portion g: . . 

computing a composite number, n. as a product of the k distinct random prime numbers: and . 

encoding a plaintext message data M to a ciphertext message data C using a relationship of the 
form C= (mod n), where 0<M <n-\, 

15. The method according to claim 14. comprising the further step of: ^ ; . 
establishing a private key portion d hy z relationship to the pubhc key portion e in the form of . 

d = e-\mod{{p, -\)'{p^ -^)"<Pk -l)))L ajld 

decoding the ciphertext message data C to the plaintext message data M using a relationship of 
the form M= (mod «1 

16. A method of processing a message for use in cryptographic communications comprising 
the steps of: 

selecting a public key portion e: 

developing k distinct random prime numbers, pi. pz^ - ^ ^ p v. where k >3, and checking that each 
of the k distinct random prime numbers minus I. pi-l, p^-l. . . . jpv-L is relatively prime 
to the public key portion e: 

establishing a private key portion ^ by a relationship to the public key portion e in the form of 
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d^e^' {mod{{p, - 1) . - 1) - {p, - 1))) i 



computing a composite number, n, as a product of the k distinct random prime numbers: 
obtaining a ciphertext message data C: and 

decoding the ciphertext message data C to a plaintext message data M using a relationship of the 
form M= (mod h). 



1 7. The method according to claim 1 6. comprising the further step of: 

encoding the plaintext message data M to the ciphertext message data C. using a relationship of 
the form C=M^ (mod n\ where 0<M<n-l. 

18. A method of processing a message for use in cryptographic communications comprising 
the steps of: 

selecting a public key portion e: a j . i 

developing k distinct random prime numbers, pu • ■ • P}£- where k >3, and checking that each 
of the k distinct random prime numbers minus I. pv-l. piA. , . , pvAAs relatively prime 
to the public key portion e: . ^ 

establishing a private key portion by a relationship to the public key portion e of the form 
d ^ e-' (mod((p, - 1) ■ - 1) ■ ■ ■ (p, ■ 1))) ; 

computing a composite number, n. as a product of the k distinct random prime numbers: . 

encoding a plaintext message data M with the private key portion d to produce a signed message 
Mc using a relationship of the form M^= (mod n\ where 0<M<n-\. 



19. The method of claim 18 further comprising the step of: 

decoding the signed message M^with the public key portion e to produce the plaintext message 
data Musing a relationship of the form M= M/ (mod n), 
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A method for increasing the effici ency of a cryptographic process, comprising the step s 

Qf 

selecting a pubHc key portion g; 

deyelopjng k distinct random prime numbers, p^ . p, p^ , where k>3.and checking that each 

of the k distinct random p rime numbers minus l.pi-l. p^-l. . . . pu-l. is relatively prime 
to the public key portion p: 

computing a composite number, n. as a product o f the k di.stinct random prime numbers: and 

encoding a plaintext message data A/ to a ciphe rtext me.s.sage data C. using a relationship of the 
form C= (mod n\ where 0<M <'w-l . >. 

whereby a computatio nal speed of the cryptographic process is increased. . 

21." The method according to cl aim 20. comprising the further step of: . , ^ .. 

establishing a private key portion d hwa. relationship to the public kev portion;g in the form of : 
d ^ e-' (mod((/7i -\).{p^-\)... (p^ - 1))) ^ 

decoding the Ciphertext message data C to the plaint e xt message data M using a relation.ship of 
the form AfeT'^rmod »V 

22^ A method for increasing the effic iency of a cryptographic process, comprising the steps 

of: 

selecting a public key portion e: 

developing k distinct random prime n umbers. p . . p, p.,. where A: >i. and checking that each 

of the k distinct random pri me numbers minus 1 . p ^ -l. p^-1 . . . . p^-l . is relatively prime 
to the public kev portion a: 

establishing a private kev portion d hva relationship to the public key portion e in the form of 

d ^ e-' (mod((p, -l).(p^-l)... (p^ - 1))) ; 
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computing a composite number, n. as a product of th e k distinct random prime nnmhf-rs; 
obtaining a ciphertext message data C: and 

decoding the ciphertext message dat a C to a plaintext message data Musing a relationship of the 
fomiAfeC^rmod n\ 

whereby a computational speed o f the cryptographic process is increased 

21 The method according t o claim 22. comprising the further step of 

encoding the plaintext message data M to the cipher t ext message data C. using a relationship of 
the form C= (mod n). where 0<M <n-l. ■, 



24: The method according to claim 2 0. wherein p and q are a pair of prime numbers the 

product of which equals n. and w herein the 1c distinct random prime numbers are each smaller 
th^n p and q, whereby for a given length of n it t a kes fewer computational cycles to find and 
check the K distinct random prime numbers that it takes to find and check the pair of prime 
numbers p and g. 



25. The method according to claim 2 2. wherein p and q are a pair of prime numbers the 

product of which equals n. and wh erein the k distinct random prime numbers are each smaller 
than p and q, whereby for a given length of n it takes fewer computational cycles to find and 
check the K distinct random prime numbers that it takes to find and check the pair of prime 
numbers p and q. 



2^ The method according to claim 24. wherein the developing and computing steps can be 

performed for n that is more than 600 digits long faster than heretofore possible with only the 
pair of prime numbers p and q. 
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21 The method according to claim 25. wherein the developing , computing and encoding 

steps can be performed for n that is more than 600 d igits long fa^ster than heretofore possihle with 
only the pair of prime numbers p and q. 



2^ The method according to claim 14. wherein p an d a are a pair of prime numbers the 

product of which equals n. and wh e rein the k distinct random prime nimibers are each smaller 
than p and q, whereby for a given l e ngth of n it takes fewer computational cycles to find and 
check the K distinct random prime numbers that it takes to find and check the pair of p rime 
numbers p and g. 



22: The method according to claim wherein the developing and computing steps can be 

performed for n that is more than 600 digits long faster than heretofore possible with only the 
pair of prime numbers p and q. 

^ 30, The method according to claim 16. wh e rein p and o are a pair of prime nimibers the 
product of which equals n. and wherein the k d istinct random prime numbers are each smaller 
than p and q, whereby for a given length of n it takes fewer computational cycles to find and 
check the K distinct random pri me numbers that it takes to find and check the pair of prime 
numbers p and q. 

21 The method according to claim 30. wherein the developing and computing steps can be 

performed for n that is more than 600 digits long faster than heretofore possible with only the 
pair of prime numbers p and q. 



22^ The method according to claim 1 R. wherein p and q are a pair of prime numbers the 

product of which equals n. and wherein the k di s tinct random prime numbers are each smaller 
than p and q» whereby for a given le ngth of n it takes fewer computational cycles to find and 
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check the K distinct random prim e numbers that it takes to find and check the pair of prime 
numbers p and q. 



21 The method according to claim 32, wherein the developing and computing steps can be 

performed for n that is more than 6 00 digits long faster than heretofore possible with only the 
pair of prime numbers p and q. 



^ The method according to claim 14. wherein a message processed in accordance with the 

method is compatible with two-prim e RSA public kev cryptography, 

^ The method accordin g to claim 14. wherein a message processed in accordance with the 

method is compatible with two-prim e RSA public kev cryptography. . ... 

24^ The method accordin g to claim 16. wherein a message processed in accordance with the 

method is compatibl e with two-prime RSA public kev cryptography. 

22^- The method according to claim 18. wherein a m essage processed in accordance with the 

method is compatible with two-prime RSA public key cryptography. 



^ The method according to claim 2 0. wherein message data processed in accordance with 

the method is compa tible with two-prime RSA public kev cryptography. 

29^ The method according to claim 22, wherein message data processed in accordance with 

the method is comp atible with two-prime RSA public kev cryptography. 



A cryptography method for local st orage of data bv a private kev ownen comprising the 

steps of: 
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selecting a public kev portion g: 

developing k distinct random prime numbers, p u vi pv. where A: > 5. and checking that each 

of the k distinct random prime numbers minus \.p ^ •\.p^-\ />v-L is relatively prime 

to the public kev portion p\ 

establishing a private kev portion ^ b y a relationship to the public kev portion e in the form of 
d ^ {moAiip, - 1) ■ (/^^ - 1) " " ip, ~ 1))) ; 

computing a composite number, n, as a product of t h e k distinct random prime numbers that are 
factors of n. where onlv the privat e kev owner knows the factors of n: 

encoding plaintext data M to cipher t ext data C for the local storage, using a relationship of the 
form C= (mod n\ where 0<M<nA. 

^ The cryptography method in accordan ce with claim 40. further comprising t he step of: l 

decoding the ciphertext data C from the local stora g e to the plaintext data A/ using a relationship 
oftheform AfeC^rmod n\ 

4i A cryptog raphic communications system, comprising: 

a plurality of stations: 

a communications medium: and 

a host system adapted to conduct encrvT^ted com munications with the plurality of stations via the 
communications medi um, the host system including 

at least one cryptosvstem responsive to encryption and/or decryption requests from the 
host system, the cr yptosvstem being configured for 

developing k disti nct random prime numbers. Pi^pi /?v, where k>S. 



checking that each of t he k distinct random prime numbers minus 1 -p^-L 



gy-L is relatively prime to a public kev portion g that is associated with the 



host system. 
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computing a composite number. «. as a product of the k disfinct random primft 
numbers. 

encoding a plaintext message data M producing therefrom a cjphertext message 
data C to he communic ated via the host system, the encoding using q 
relationship of the form C=M^ (mod n\ where 0<M:^-\, 

establishing a private kev portion <^ bv a relationship to the public kev portion g 
in the form of </ = e"' (mod((jr?, -1) ■ (^^ - 1) . ■ . (^^ -l )))iaiid 

decoding a ciphertext message data C communicated via the host producing 
therefrom a plaintext mes sage data using a relationship of the form 
M= C (mad n \ where C and fvT can be respectively C and M. 



41 A system for processing a message used in crypt ographic communications, comprising: . 

a bus: and 

a crvptosvstem ooerativelv coupled to and rec eiving from the bus encryption and decryption 
requests, the crvptosvst em being capable nf 

providing a public kev portion e. 

developing k distinct ra ndom prime numbers. /? , . p, jk. where k>3, 

checking that each of the A: distinct random prime numbers minus 1. p^-l- P^-^ - ■ - - 
is relatively prime to the public kev portion g. 

computing a composite number, n. as a p roduct of the k distinct random prime numbers. 

encoding a plaintext form o f a first message M to produce a ciphertext form of the first 
message C using a relationship of the form C= (mod ri). where 0<M <h-l. 

establishing a private kev p ortion d hw a relationship to the public kev portion e in the 
fprmof d = g-' (mod((/7, -l).(p^-l)... (p^ - 1))) .and 
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decoding the ciphertext fomi of a secon d message <7 to prodiire the plaintext form of the 
second message ^Mising a relatio nship of the form M'= C"' (mod nY the first anH 
second messag es can he one and the same. 

44. The system of claim 42. wherein the at least one crvptosvstem includes 

a plurality of exponentiators configure d to operate in parallel in developing resp ertivft 
subtask values corresponding to the message. 

41 The system of claim 42. wherein the at least one crvptosvstem includes 

a processor. 

a data-address bus. 

a memory onerativelv c oupled to the processor via the data-address bus. e 

9 d^ta encryption standard (T)F.S'> unit operativelv couple d the memory and the processor 
- via the data- address bus. . , 

a plurality of exponentiator elements o perativelv coupled to the processor via the DPS 
unit, the plurality of expone ntiator elements being configured to operate in 
parallel in developing r espective subtask values corresponding to the messag e 

^ Thg system of claim 45. wherein the memory and each of the plurality of exponentiator 

elemgptg hgs its own PES unit that encrypts m essage data received/returned from/to the 
processor. 



42^ The system of claim 45. wherein the memory is partitioned into address spaces 

addressable by the processor including secure, ins e cure and exponentiator elements address 
gpaqes, and wherein the PES unit that is coupled to the processor is configured to recogni/e the 
secure and exponentiator elements a d dress spaces and to automatically encrypt messag e data 
therefrom before it is provided to the e x ponentiator elements, the PES unit being byp assed when 
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the processor is accessing the insecure memory address sp a ces, the DFS unit heinf ^ fiirfher 
POnfigured to decrypt encrypted message data received fr o m the memory before it is prnvidp/l tn 
the processor. 



^ The system of claim 45, wherein the at least one crvDtosvstem meets FTPS HJpHpral 

Information Processing Standard't 140-1 level 3. 



42^ The system of claim 45. wherein the processor maintains in the memory the public key 

portion e and the comp osite number n with its factors />|. p, jTv- > j 

^ A system for processing a message used in crvpto p raphic communications, comprising: 

a bus: and 

a ffryptogystem receiving from the system via the bu s encryption and decryption requests, the 
crvptosystem including 

a plurality of exponentia tor elements configured to develop subtask values , 

a memory, and 

a processor configured for 

receiving the encryption and decryptio n requests, each encryption req uest 
i r?roviding a plaintext message M to be encrypted, each encryption request 

can additionally provide a public key th at includes an exponent ^ and a 
representation of a modul us n in the form of its k distinct random prime 

number factors puP? Vk, where A: > i. or the processor can obtain the 

pubUc key from the memory. 

constructing subtasks to be exe cuted bv the exponentiator elements for producing 
respective o nes of the subtask values r , . C? Tu. and 

forming a cinhertext message C from the subtask values Cu C? C u. 
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5L The system of claim 50 wherein each one of the subtasks Co. . . , Cy is developed 

using a relationship of the form C. = M"' (mod p.) . where = (mod p.) . and 
= e(mod p- - 1) , wherei=l- 2. ... k. 



^ A system for processing a mess age used in cryptographic communications, comprising: 

a bus: and 

a cryptosystem receiying from the system yia the bus encryption and decryption requests, the 
cryptosyste m including . i ... . 

a plurality of exponentiator elements configured to develop subtask values. . 

a memory, and 

a processor configured for 

receiving the encryption and d ecryption requests, each encryption/decryption 
request providing a plaintext/ciphertext message M/C to be 
encrypt ed/decrypted and can additionally provide a public/private key that 
includes an exponent e/d and a repr esentation of a modulus n in the form 

of its k distinct random prime numbe r factors p^ p^^ where it: > 3, or 

the processor can obtai n the public/private kev from the memory. 

constructing subtask s to be executed by the exponentiator elements for producing 
respective ones of the subtask values. M , M UC i. Q CI . and 

forming the ciphertext /plaintext message C/Mfrom the subtask values C u 

ajMu . . . M ,. 



— The system of claim 5 2 wherein when produced each one of the subtasks C y ^ Co Q is 

developed using a relationship of the form C. = M"' (mod p^) . where C. = C(mod i?,.)^_and 
e. = e(mod p. - 1) . wherei=l,2, ...k. 
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54 The syste m of claim 52 wherein when produced each one of the subtasks M i , Mo. . . . M v 

is developed using a r elationship of the form M. = C/' (mod . where M. = M(mod/?;)^_mid 
d. = d{modp. -n .where i=L 2, ...k. 



55, The system of claim 54. wherein the private key exponent d relates to the public key 

exponent g via ^ = g"'(mod((/?^ -l) (/72 -1)" "(a -1))):. 



56^ A system for processi ng a message used in cryptographic communications, comprising: 

means for selecting a public key portion e\ _ ^ ; . 

means fo r developing k distinct random prime numbers, pi^ pi. , , . px,, where J: >si. and for 
checking that each of the k distinct random prime numbers minus L/? i ^-l. /^f-L • • • /^ "l- 
is relatively prime to the public key portion g: _ , 1 

means for establishin g a private key portion 6? bv a relationship to the public key portion e in the 
forinof ^ ^e-'(mod((A r 

means for computin g a composite number, as a product of the k distinct random prime 
numbers: 

means for obtaining a ciphertext message data C: and 

means for decoding the ciphert ext message data C to a plaintext message data M using a 
relationship of the form M=C^ (mod n\ 

57. The system according to claim 56. further comprising: 

means for encoding the plaintex t message data M to the ciphertext message data C. using a 
relationship of the form (mod n\ where 0<M<n-\, 

58, A system for proces sing a message used in cryptographic communications, comprising: 
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means for selecting a public key portion e\ 



means for developing k distinct random prime numbers. p \ . /?2- - ■ - P^- where k > 3. and for 

checking that each of the k distinct ra ndom prime numbers minus 1. j?i-L pi-\ p vA. 

is relatively prime to the public key portion e\ 

means for establishing a private key portion by a relationship to the pubhc key portion e of the 
form ^g-^(mod((/7, -\)^{p, -\)-^{p, -1))); 

means for computing a composite number, n. as a product of the k distinct random prime 
numbers; 

means for encoding a plaintext message data M with the private kev portion d: to produce a 
signed message Mc using a relationship of the form Mc= (mod n\ where 0<M<nA. 

59. The system of claim 58 further comprising the step of: 

means for decoding the signed message M. with the private key portion e to produce the plaintext 
hxessage data Musing a relationship of the form Mf (mod n\, - \ 



60." The system of claim 57. wherein the system can conduct encrypted communications with 
other pubhc key cryptography svstem that encrypt/decrypt data using a modulus value equal to n 
independent of the k distinct prime numbers. 



61. The svstem of claim 59, wherein the svstem can conduct encrypted commimications with 
other public key cryptography systems that encrypt/decrvpt data using a modulus value equal to 
n independent of the k distinct prime numbers. 
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REMARKS 

This Housekeeping Amendment is filed in response to the above-mentioned Decision to 
Merge Reexamination and Reissue Proceedings (90/005,776 & 90/005,733 and 09/694416, 
respectively). This Housekeeping Amendment includes the same amendments as in a 
Preliminaiy Amendment that was filed concurrently with the Reissue Application for U.S. Patent 
No. 5,848,159 (hereafter the "original patent") on October 20, 2000. 

Status of the Claims ; 

As of the date of that Preliminary Amendment and this Housekeeping Amendment, 
claims 1-13 of the original patent are amended and remain pending; claims 14-61 have been 
added. Thus, claims 1-61 are now pending in the Reissue Application and Reexaminations of the 
original patent. A clean version of the claims is provided in Exhibit B. 

Statement of Support in the Disclosure of t he Original Patent for the Amendments : 

The Specification : 

The specification of the original patent has been amended to correct typographical errors 
and other matters of form and to render the specification consistent throughout and with the 
claims. Support for the amendments to the specification may be found throughout the original 
patent. No new matter has been introduced by the amendments to the specification. A clean 
version of the specification is provided in exhibit A. 

In general, changes embodying corrections of typographical errors and other matters of 
form are self explanatory and need no fiirther explanation. As to the mathematical expressions, 
equations expressing any congruence of the form b=c(mod m) or the like, where b is congruent 
to c and /w is the modulus, are mathematically written in proper form as c(mod m) . 
Accordingly all the equations are written in proper form, e.g., C=MXmod n). Were applicable, 
the parentheses (e.g., around "mod n") are properly added as well. 

37 

SV/202780.01 
04042001/17:25/20206.14 



^^omey Docket No.: 20206-126 



Reexamination 1 

Support for amendments to the paragraph beginning at colunrn (hereafter "col."), hne 4 
may be found in col. 1 of the cover page. Support for the amendments to the paragraph 
beginning at col. 3, line 23 and the paragraph beginning at col 3, line 27 may be found for 
example at col. 2 of the cover page and col. 13, lines 44-47. 

Support for amendments to the paragraph beginning at col. 3, line 36, may be found at 
column 5, lines 31-33. Support for amendments to the paragraph beginning at col. 3, line 56, 
may be found for example at col. 3, lines 20-26, col. 3, lines 44-55 and col. 4, lines 9-1 1. Support 
for amendments to the paragraph beginning at col. 4, line 6, may be found for example at col. ■ 
3,lines 20-26, col. 4, lines 6-12, 32-34 and 52-56. 

Support for amendments to the paragraph beginning at col. 4, line 13 and the paragraph 
beginning at col. 4, line 50, may be found for example at col. 3 line 42, col. 4, line ^1, and col. 
10, lines 54-56. Further support for amendments to the paragraph beginning at col. 4, line 50 
may be found at col. 4, hues 50-52. 

Support for paragraph inserted before the paragraph beginning at col. 5, line 52, may be 
found for example at coL 14, lines 30-36 and 45-49. Support for amendments to the paragraph 
beginning at col. 5, line 30, may be found for example at col. 2, lines 5-10, col. 3, line 42, coL 4 
line 41, col. 5, line 39, col. 10, line 65 and col. 11, lines 8-9. Further support for amendments to 
the paragraph beginning at col. 5, line 30, may be found in the multitude of mathematical 

' expressions where d, the private key portion, is the "exponent," e.g., M=C^(mode n) at coL 6, 

: lines 1-5. 

Support for amendments to the paragraph beginning at col. 6, line 24, may be found for 
example at col, 5, lines 31-33, col. 6, line 37 ("M=Fi..."), col. 7, line 15, and col. 11, lines 15- 
20. Support for amendments to the paragraph beginning at col. 6, line 65, may be found for 
example at col. 6, lines 1-4, 26-35, 40-53 and 67. Support for amendments to the paragraph 
beginning at coL 7, line 1, may be found for example at col. 2, lines 32-34 and 40, col. 3, lines 
22-26, col. 4, lines 32-34, col 6 line 38 and col. 7, lines 56-58. 

Support for amendments to the paragraph beginning at col. 8, line 1, is fund in col. 8 line 
3 (i.e., FTPS 140-1 with level 3 is a well known standard. See: 

http://csrc.nist.gov/fips/fipsl401.htm). Support for amendments to the paragraph beginning at 
col. 10, line 15, may be found for example at Figure 3. Support for amendments to the paragraph 
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beginning at col. 10, line 35, may be foxmd for example in col. 10 line 40 and line 53 (i.e., M is 
represented by a numerical value greater than 0 and smaller than w). 



The Claims: 

Claims 1-13 of the original patent have been amended to correct typographical errors and 
other matters of form, as well as to recite more clearly and particularly the subject matter which 
Applicants regard as their invention. New claims 14-61 have been added to further point out and 
distinctly claim subject matter which Applicants regard as their invention. Support for the 
amendments to claims 1-13 and for the newly added claims, 14-61, may be found throughout the 
original patent. No new matter has been introduced by the amendments to the claims. 

In general, claim amendments embodying corrections of typographical errors, antecedent 
basis errors, and other matters of form are self explanatory and need no further explanation. As 
to the mathematical expressions, equations expressing any congruence of the form b=c(mod m) 
or the like, where b is congruent to c and m is the modulus, are mathematically written in proper 
form as b= cfmod m). Accordingly all the equations are written in proper form, e.g., C^MXmod 
n). Were applicable, parentheses (e.g,, around "mod n") are properly added as well. . 

Support for amendments to claim 1 as now presented may be foimd, for example, at 
^ claim 1 as presented in the original patent, as well as col.l, lines 32-42, coL 3, lines 39-44, col. 5, 
J lines 30-33, col. 7, lines 25-28 and col. 8, lines 8-11. Support for amendments to claim 2 as now 
J, presented may be found, for example, at claims 1 and 2 as presented in the original patent, as 
well as col. 2, lines 24-30, col. 5, lines 36-40 and col. 14, lines 19-24. Similarly, support for 
amendments to claims 3-13 as now presented may be found, for example, at claims 1-13 as 
presented in the original patent. Further support for the amendments to claims 3-13 as now 
presented may be foimd for example at col.l, lines 32-42, col. 2, lines 24-30, col. 3, lines 39-44, 
col. 5, lines 30-40, col. 7, lines 25-28, col. 8, lines 8-11, and col. 14, lines 19-24. Further support 
for amendments to claim 12 as now presented may be found for example at coL9, lines 48-50. 

As to the newly added claims, support for claim 14-23, 40-43, and 50-58 may be found, 
for example, at col. 1, lines 32-42, col.3, lines 35-44, col. 4, lines 37-49, col. 5, lines 30-33 and 
36-51, col. 7, lines 25-28, col. 8, lines 8-11, col. 14, lines 30-36. Further support for new claims 
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14-23, 40-43, and 50-58 may be found at claims 1-13 as presented in the original patent. For 
example, support for new claims 18 and 19 may be found in claim 9, i.e., col. 14, lines 30-36. 
Further support for new claims 20 and 22 may be found at col. 3, lines 30-36 and 53-55, and col. 
7, lines 25-28. Support for new claims 24-33 may be found for example at column 3, lines 36-65. 
Support for new claims 34-39 may be foxmd for example at col. 4, lines 8-12 and col. 5, lines 61- 
63. Further support for new claims 40 and 41 may be found at col. 5, lines 58-61 . Further support 
for new claims 42, 43, 50-52, and support for new claims 44-49 may be found at Figures 1-3, and 
the accompanying description at col. 7, line 34 to col. 10, lines 34. Further support for new 
claims 50-54 may be found at col. 5, Hne 52 to col. 6; line 6. Finally, support for claims 60 and 
61 may be found at col. 4, lines 6-13 and col. 5, lines 61-63. 

Summary: . . 

Entry of the foregoing amendments to the specification and claims is hereby respectfully 
requested. Claims 1-61 are now presented for examination. Prompt examination and allowance 
of the pending claims is therefore respectfully requested. 

Concurrent Office Proceeding s 

As noted before this Reexamination proceeding (90/005,776) is merged with the first 
^Reexamination proceeding (90/005,733) and the Reissue AppHcation proceeding (09/694,416). 
J Examination proceeding are conducted on the basis of the Rules for Reissue Application 
' examination. 

Fee Authorization : 

If for any reason an insufficient fee has been paid, the Commissioner is hereby authorized 
to charge any deficiency in payment of required fees associated with this communication to 
Deposit Account 02-3964. 
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Date: April 7. 2001 Respectfully submitted, 



Oppenheimer Wolff & Donnelly LLP 
Customer No. 25696 
1400 Page Mill Road 
Palo Alto, CA 94304 
Tel: (650) 320-4000 



Leah Sherry 
Reg. No. 43,918 
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EXHIBIT A 

Clean Ver sion of the Specification as Amended : 

Thepard^ph beginning at column (hereafter "col 7, line 4: 



This application claims the benefit of U.S. Provisional Application No, 
gj^ 60/033,271 for PUBLIC KEY CRYTOGRAPHIC APPARATUS AND METHOD, filed 

Dec. 9, 1996, naming as inventors, Thomas Collins, Dale Hopkins, Susan Langford and 
Michael Sabin, the disclosure of v^^hich is incorporated by reference. t 



The paragraph beginning at col 1, line 64: 



The RSA scheme capitalizes on the relative ease of creating a composite number 
firom the product of two prime numbers whereas the attempt to factor the composite 
Jf^ number into its constituent primes is difficult. The RSA scheme uses a public key E 

;3 comprising a pair of positive integers n and e, where n is a composite number of the form 

^^!:] (1) 

^ where p and q are different prime numbers, and e is a number relatively prime to (p-1) 

L ® relatively prime to (p-1) or (q-1) if e has no factors in common with 

either of them. Importantly, the sender has access to n and e, but not to p and q. The 
)i message M is a number representative of a message to be transmitted wherein 

S 0<M<n'\. (2) 

The sender enciphers M to create ciphertext C by computing the exponential 

C=M^(mod n). (3) 

Thepa/agraph beginning at col 2, line 19: 

The recipient of the ciphertext C retrieves the message M using a (private) 
^ ^ decoding key D, comprising a pair of positive integers d and n, employing the relation 

C= M''(mod n) (4) 
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As used in (4), above, d is a multiplicative inverse of 

e(mod(lcm((p-l), (^-1)))) (5) , 

so that 

e d^ l(mod(lcm((p-l), (9-I)))) (6) 

where lcm((p-l), (q-1)) is the least common multiple of numbers p-1 and q-1. Most 
conmiercial implementations of RSA employ a different, although, equivalent, 
relationship for obtaining d: : ; 

J^e^mod((p-l).(^-l)). (7) 

This alternate relationship simplifies computer processing. ^ i 




The para^aph beginning at col 3, line 23: 



□ ^ It is still another object of this invention to provide a system and method for 

Ci f \h implementing an RSA scheme in which the factors of n do not increase in length^ as n 

^3 increases in length. , , 



The paragraph beginning at col 3, line 27: 



It is still another object to provide a system and method for utilizing multiple 
(more than two), distinct prime number factors to create n. 



The paragraph beginning at col 3, line 36: 



The present invention discloses a method and apparatus for increasing the 
computational speed of RSA and related public key schemes by focusing on a neglected 
area of computation inefficiency. Instead of n=p-q, as is universal in the prior art, the 
^ Cp present invention discloses a method and apparatus wherein n is developed from three or 

more distinct random prime numbers; i.e., n=prp2 . .-pk, where k is an integer greater 
than 2 and pi, p2,. . . pk are sufficiently large distinct random primes. Preferably, 
"sufficiently large primes" are prime numbers that are numbers approximately 150 digits 
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long or larger. The advantages of the invention over the prior art should be immediately 
apparent to those skilled in this art. If, as in the prior art, p and q are each on the order of, 
say, 150 digits long, then n will be on the order of 300 digits long. However^ three primes 
pi, p2 and p3 employed in accordance with the present invention can each be on the order 
of 100 digits long and still result in n being 300 digits long. Finding and verifying 3 
distinct primes, each 100 digits long, requires significantly fewer computational cycles 
than finding and verifying 2 primes each 1 50 digits long. 



The paragraph beginning at col. 3, line 56: 



The commercial need for longer and longer primes shows no evidence of slowing; 
akeady there are projected requirements for n of about 600 digits long to forestall 
incremental improvements in factoring techniques and the ever faster computers available 
to break ciphertext. The invention, allowing 4 primes each about 150 digits long to obtain 
a 600 digit n, instead of two primes about 300 digits long, results in a marked 
improvement in computer performance. For, not only are primes that are 150 digits in 
size easier to find and verify than ones on the order of 300 digits, but by applying 
techniques the inventors derive fi-om the Chinese Remainder Theorem (CRT), public key 
cryptography calculations for encryption and decryption are completed much faster--even 
if performed serially on a single processor system. However, the inventors' techniques are 
particularly adapted to advantageously apply RSA public key cryptographic operations^to 
parallel computer processing. 



The paragraph beginnin g at col. 4, line 6: 

The present invention is capable of extending the RSA scheme to perfonn 
encryption and decryption operation using a large (many digit) n much faster than 
heretofore possible. Other advantages of the invention include its employment for 
decryption without the need to revise the RSA public key encryption transformation 
scheme currently in use on thousands of large and small computers. 

1^ 
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The paragraph beginning at col 4, line 13: 



A key assumption of the present invention is that n, composed of 3 or more 
sufficiently large distinct prime numbers, is no easier (or not very much easier) to factor 
than the prior art, two prime number n. The assumption is based on the observation that 
there is no indication in the prior art Uterature that it is "easy" to factor a product 
consisting of more than two sufficiently large, distinct prime numbers. This assumption 
may be justified given the continued effort (and failure) among experts to find a way 
"easily" to break large composite numbers into their large prime factors. This assumption 
is similar, in the inventors' view, to the assimiption underlying the entire field of public 
key cryptography that factoring composite numbers made up of two distinct primes is not 
"easy." That is, the entire field of pubKc key cryptography is based not on mathematical 
proof, but on the assumption that the empirical evidence of failed sustained efforts to find 
a way systematically to solve NP problems in polynomial time indicates that these 
problems truly are "difficult." 



The paragraph beginning at col 4, line 32: 



The invention is preferably implemented in a system that employs parallel 
operations to perform the encryption, decryption operations required by the RSA scheme. 
Thus; there is also disclosed a cryptosystem that includes a central processor unit (CPU) 
coupled to a number of exponentiator elements. The exponentiator elements are special 
purpose arithmetic units designed and structured to be provided message data M, an 
encryption key e, and a number n (where «= f>2 - . . . jTk, k being greater than 2) and 
return ciphertext C according to the relationship. 



C=M^(mod n). 



The paragraph beginning at col 4, line 45: 



I Alternatively, the exponentiator elements may be provided the ciphertext C, 

^ ll decryption (private) key d and n to retum M according to the relationship. 
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The paragraph beginning at coL 4, line 50: 



According to this decryption aspect of the invention, the CPU receives a task, 
such as the requirement to decrypt ciphertext data C, The CPU will also be provided, or 
have available, a [public] private key [e] d and n, and the factors of n (pi, p2, . . . pjt). The 
CPU breaks the decryption task down into a number of sub-tasks, and delivers the sub- 
tasks to the exponentiator elements. The results of the sub-tasks are returned by the 
exponentiator elements to the CPU which , using a form of the CRT, combines the results 
to obtain the message data M. An encryption task may be performed essentially in, the 
same manner by the CPU and its use of the exponentiator elements. However, usually the 
factors of n are not available to the sender (encryptor), only the public key, e and n, so 
that no sub-tasks are created. 



J Before the paragraph beginning at col 5, line 52 the following new paragraph: 

^ Alternatively, a message data M can be encoded with the private key to a signed 

1:3 message data Ms using a relationship of the form 

y ^ - sM''(modn). 

The message data M can be reproduce from the signed message data Ms by decoding the 
signed data with the public key, using a relationship of the form 

M=M/(modw). 



The paragraph beginning at col 5, line 30: 



According to the present invention, the public key portion e is picked. Then, three 
or more random large, distinct prime numbers, pi, p2, . . . , pk are developed and checked 
to ensure that each (pi-1) is relatively prime to e. Preferably, the prime numbers are of 
equal length. Then, the product n=prpr . . .pk is computed. 
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The paragraph beginning at col 5, line 36: 



a 



If 



Finally, the decryption exponent, d, is established by the relationship: 
e'^ mod {{p\ -\) {p2 -!)• . . .-(pk -1)), or equivalently 
mod (lcm((pi -1), (p2 -1), . • . (pk -1))) 



a. 



The pan 



a^raph I 



beginning at coL 5, line 41: 



The message data, M is encrypted to ciphertext C using the relationship of (3), 
above, i.e., 



C-M" (mod n) 



The paragraph beginning at col 5, line 46: 



To decrypt the ciphertext, C, the relationship of (4), above, is used: 
M^C^(mod«) 
where n and d are those values identified above. 



The paragraph beginning at col 5, line 52: 



Using the present invention involving three primes to develop the product n, RSA 
encryption and decryption time can be substantially less than an RSA scheme using two 
primes by dividing the encryption or decryption task into sub-tasks, one sub-task for each 
distinct prime. (However, breaking the encryption or decryption into subtasks requires 
knowledge of the factors of n. This knowledge is not usually available to anyone except 
the owner of the key, so the encryption process can be accelerated only in special cases, 
such as encryption for local storage. A system encrypting data for another user performs 
the encryption process according to (3), independent of the number of factors of n. 
Decryption, on the other hand, is performed by the owner of a key, so the factors of n are 
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generally known and can be used to accelerate the process.) For example, assiune that 
three distinct primes, pi, p2, and pa, are used to develop the product n. Thus, decryption of 
the ciphertext, C, using the relationship 



AfeC^(mod n) 
is used to develop the decryption sub-tasks: 



Ci = C(modj7i); 
C2 = C (mod P2); 
C3 = C (mod P3); 
dx = d(mod(pi -1)); 
d2 = d (mod (p2 -1)); and 
ds^d (mod (p^ -1)). 



The paragraph beginning at col 6, line 24: 

The results of each sub-task, Mi, M2, and M3 can be combined to produce the 
plaintext, M, by a number of techniques. However, it is foimd that they can most 
expeditiously be combined by a form of the Chinese Remainder Theorem (CRT) using, 
preferably, a recursive scheme. Generally, the plaintext M is obtained from the 
combination of the individual sub-tasks by the following relationship: 



Yi = ^i-i +((Mi -Yi.x) (Wi"^ (mod p-)) (mod pi)y Wi (mod n) 



where 2< i <k where k is the number of prime factors of n, and 



Mx^Cr (mod px) 



"2 ^ {mod P2) 



Ma^Ca'^Mniodjrja) 



where 
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M=7fc y,=Ci, andwi= fl Pj 



Encryption is performed in much the same manner as that used to obtain the plaintext M, 
provided (as noted above) the factors of n are available. Thus, the relationship 

C^M'{mo&n\ 

can be broken down into the three sub-tasks, 

Cj = Afi^'(mod/?,), 

= Mj^' (mod jE72 ) and 

C3 =M3"^(mod;73), 

M\ =M(mod/>i), 
M2 =M(mod/?2), 
M3 sM(modj73>), 
e\ semod {px -1), 
ez^e mod {pz -1), and 
^3 = emod(p3 -1). 



where 



a 



ZO 



The paragraph beginning at col 6, line 65: 



In generaUzed form, the ciphertext C (i.e., [decrypted] encrypted message M) can 
be obtained by [the same summation] a recursive scheme as identified above to obtain the 
ciphertext C fi:om its contiguous constituent sub-tasks Q. 




The paragraph beginning at col 7, line 1: 



a 



Preferably, the recursive CRT method described above is used to obtain either the 
ciphertext C or the deciphered plaintext (message) M due to its speed. However, there 
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The paragraph beginning at col 7, line 1 7: 



Thus, for example above (k=3), M is constructed from the retumed sub-task 
values Ml , M2, M3 by the relationship 

M=M\ {w{^ (mod p\)y w\ (mod n) 
+ Ml {w{^ (mod pi))' W2 (mod n) 
■ + M3 {w{^ (mod pi)y >V3 (mod n) 
where i . 

=P2 J^3> /?3, and vt/3 =pi /?2. 

The para^^h beginning at col 7, line 52: 

The I/O bus 30 commxmicatively connects the CPU to a number of exponentiator 
elements 32a, 32b and 32c. Shown here are three exponentiator elements, although as 
illustrated by the "other" exponentiators 32n, additional exponentiator elements can be 
added. Each exponentiator element is a state machine controlled arithmetic circuit 
structured specifically to implement the relationship described above. Thus, for example, 
the exponentiator 32a would be provided the values Mi, ei, and pi to develop Ci. 
Similarly, the exponentiator circuits 32b and 32c develop C2 and C3 from corresponding 
subtask values M2, e2, p2, M3, e3, and pa. 

_^ 'Jl ' ■*[ ' '" . — !' — 
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The paragraph beginning at col 8, line 1: 



In order to ensure a secure environment, it is preferable that the cryptosystem 10 
meet the Federal Information Processing Standard (FIPS) 140-1 level 3. Accordingly, the 
elements that make up the CPU 14 v^ould be implemented in a design that will be secure 
from extemal probing of the circuit. However, information conmiunicated on the I/O bus 
^ 30 between the CPU 14 and the exponentiator circuits 32 (and extemal memory 34--if 

present) is exposed. Consequently, to maintain the security of that mformation, it is first 
encrypted by the DES unit 24 before it is placed on the I/O bus 30 by the CPU 14: The 
exponentiator circuits 32, as well as the extemal memory 34, will also include similar 
DES units to decrypt information received from the CPU, and later to encrypt 
information retxmed to the CPU 14. 



The paragraph beginning at col 8, line 52: 



^r. j In similar fashion, information is conveyed to or retrieved from the exponentiators 

Jz 32 by the processor 20 by write or read operations at addresses within the address range 

- 44. Consequently, writes to the exponentiators 32 will use the DES unit 24 to encrypt the 

J information. When that (encrypted) information is received by the exponentiators 32, it is 

decrypted by on-board DES units (of each exponentiator 32). The result of the task 
Q performed by the exponentiator 32 is then encrypted by the exponentiator*s on-board 
' " DES unit, retrieved by the processor 20 in encrypted form and then decrypted by the DES 

unit 24. 




The para^aph beginning at col 9, line 24: 



Assume, for the purpose of the remainder of this discussion, that the 
encryption/decryption tasks performed by the cryptosystem 10, using the present 
2^(p invention, employs only three distinct primes, pi, p2, pa. The processor 20 will develop 

the sub tasks identified above, using M, e, pi p2, P3 Thus, for example, if the 
exponentiator 32a were assigned the sub-task of developing Ci, the processor would 
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develop the values Mi and ei and deliver (write) these values, with pi, to the 
exponentiator 32a. Similar values will be developed by the processor 20 for the sub-tasks 
that will be delivered to the exponentiators 32b and 32c. 


rf ,„ ■ 


The pardgraph beginning at col 10, line 15: 


y 


Alternatively, the host-system 50 may desire to deliver, via the communication 
medium 60, an encrypted communication to one of the stations 64. If the communication 
is to be encrypted by the DES scheme, with the DES key encrypted by the RSA scheme, > 
the host system would encrypt the communication, forward the DES key to one of the 
cryptosystems 10 for encryption via the RSA scheme. When the encrypted DES key is 
received back from the cryptosystem 10, the host system can then deUver to one or more i ^ 
of the stations 64 the encrypted message. : . > . 




The pard^^^h^beginning at col 10, line 25: 




Of course, the host system 50 and the stations 64 will be using the RSA scheme of 
public key encryption/decryption. Encrypted communications from the stations 64 to the 
host system 50 require that the stations 64 have access to the pubUc key E=(e, n) while 
the host system maintains the private key D=(d, n) and the constituent primes, pi , p2, . . . , 
Pk). Conversely, for secure communication from the host system 50 to one or more of the 
stations 64, the host system would retain a pubUc key E' for each station 64, while the 
stations retain the corresponding private keys D'. 



*n — -V 



2.^ 




The paragraph beginning at col 10, line 35: 



Other techniques for encrypting the communication could used. For example, the 
conununication could be entirely encrypted by the RSA scheme. If, however, the 
message to be communicated is represented by a numerical value greater than n-1, it will 
need to be broken up into blocks size M where 
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EXHIBIT B 

Clean Versi on of the Claims 




1. (Amended) A method of processing a message for use in cryptographic commxmications 
comprising the steps of: 

developing a composite number, n, as a product of pvpr, . , .'p\, where k is an integer greater 
than 2, and pi, p2, . . . pk are distinct random prime numbers; and 

encoding a plaintext message word signal M to a ciphertext word signal C, where M corresponds 
to a number representative of the message and 

0<M<nA, 

^ where C is a number representative of an encoded form of the plaintext message word 

\Z signal M such that 

l=J C= (mod rt), and 

/T ^ 

^ , where e is a number relatively prime to (pi -l) (p2 -1)-. . .-(pk-l). 

2. (Amended) The method according to claim 1, comprising the further step of: 
13 establishing a number, d, as a multiplicative inverse of 

Q e(mod(lcm((p, -1), (p2 -I), . . . , (pk -1)))); and 

decoding the ciphertext word signal C to the plaintext message word signal M where 
M^C^(mod n). 

3. (Amended) A method of processing a message signal Mi for use in a communications system 
having j terminals, each terminal being characterized by an encoding key Ei =(ei, n^ and 
decoding key Di =(di, Ui), where i=l, 2, . . . , j, and the message signal Mi corresponding to a 
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number representative of a message-to-be-transmitted from the i^*" temiinal, the method 
comprising the steps of: 

computing nj where ni is a composite nimiber of the form 

where k is an integer greater than 2, 

Pi,i, Pi^, . . - , Pi,k are distinct random prime numbers, 

Ci is relatively prime to lcm(p^ -1 , -1 . . /^j^i, -1), and 

di is selected from the group consisting of the class of nimibers equivalent to a 
multiplicative inverse of 

ei (mod(lcm((pi,, -1), (pi,2 -1), . . . , (piM -1)))); 

encoding a digital message word signal Mi for transmission from a first terminal (i=l) to a 
second terminal (i=2), said encoding step including the sub-step of: 

transforming said message word signal Mi to one or more message block word signals Mi", each 
block word signal Mi" corresponding to a number representative of a portion of said 
message word signal Mi in the range 0< Ma" <n2-l , 

transforming each of said message block word signals Mi" to a ciphertext word signal Ci that 
corresponds to a number representative of an encoded form of said message block word 
signal Ml" where 

C = M, "'»(mod«2). 



4. (Amended) A cryptographic commxmications system comprising: 

a communication channel adapted for transmitting a ciphertext word signal C that relates to a 
transmit message word signal M; 

encoding means coupled to said channel and adapted for transforming the transmit message word 
signal M to the ciphertext word signal C using a composite number, n, where n is a 
product of the form 

2 
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n-pvpr Pk 

k is an integer greater than 2, and 

Pi, P2, . . . pk are distinct random prime numbers, 

where the transmit message word signal M corresponds to a number representative of a 
message and 

0<M<n-l 

where the ciphertext word signal C corresponds to a number representative of an 
encoded form of said message through a relationship of the form[and corresponds to] 

C= (mod n\ and . , 

where e is a number relatively prime to lcm(pl -1, p2 -1, . . . , pk -1); and 

decoding means coupled to said channel and adapted for receiving the ciphertext word signal C 
from said channel and for transforming the ciphertext word signal C to a receive message 
.word signal M* where M' corresponds to a number representative of a decoded ^form of 
the ciphertext word signal C through a relationship of the form 

where d is selected from the group consisting of a class of numbers equivalent to a 
multipHcative inverse of 



5. (Amended) A cryptographic communications system having a plurality of terminals coupled 
by a communications channel, comprising: 

a first terminal of the plurality of terminals characterized by an encoding key 

Ea =(eA, Ha) and a decoding key Da =(dA, nA), 

where nA is a composite nxmiber of the form 

^a^Paj'Paj . . pA^ 



e(mod(lcm((pi -1), (p2 -l), 



(Pk -1)))). 
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where 

k is an integer greater than 2, 

pA,h Pa^, . • . , PA,k are distinct random prime numbers, 

eA is relatively prime to , 

\cm(pAj -1, paj -1, . . , , pa^ -1), and 

dA is selected from the group consisting of the class of numbers equivalent to a 
multiplicative inverse of 

eA (mod(lcm(09A,i -1), (Pa,2 -1), . - . , (pam -1)))); and 

a second terminal of the plurality of terminals having 

blocking means for transforming a first message, which is to be transmitted on said 

communications channel from said second terminal to said first terminal,fto one' 
or more transmit message word signals Mb, where each Mb corresponds to a 
number representative of said message in the range . > 

0<MB<nA'l, 

encoding means coupled to said channel and adapted for transforming each transmit 

message word signal Mb to a ciphertext word signal Cb that corresponds to a 
number representative of an encoded form of said first message through a 
relationship of the form 

said first terminal having 

decoding means coupled to said channel and adapted for receiving said ciphertext word 
signals Cb from said channel and for transforming each of said ciphertext word 
signals Cb to a receive message word signal Mb, and 

means for transforming said receive message word signal Mb to said first message, 
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where Mb corresponds to a number 
through a relationship of the form 

M'B^C/^(mod«J. 
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representative of a decoded form of Cb 



6. (Amended) The system according to claim 5 wherein said second terminal is characterized by 
an encoding key Eb =(eB, rxs) and a decoding key Db =(^8, hb), where nB is a composite number ; 
of the form 

«B ^PbxPbx ' • -'Pb^ 
where k is an integer greater than 2, 
Pb,u Pb^, - . . pB,k are distinct random prime numbers, 

eB is relatively prime to , . 

. lcm(pB^'l,pB,2'l, . . Pb^'I), and 

dB is selected from the group consisting of a class of numbers equivalent to a 
multiplicative inverse of 

; eB (mod(lcm((p5,i-l), (pBa -1), . . . , (ps^k -1)))), - , . 

I] said first terminal further having ; ; . 

blocking means for transforming a second message,which is to be transmitted on said 

communications chaimel from said first terminal to said second terminal, to one 
or more transmit message word signals Ma, where each Ma corresponds to a 
number representative of said message in the range 

0<MA<nB-l 

encoding means coupled to said channel and adapted for transforming each 

transmit message word signal Ma to a ciphertext word signal Ca and for 
transmitting Ca on said channel, where Ca corresponds to a number 
representative of an encoded form of said second message through a relationship 
of the form 
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(modw^) 



said second terminal further having 



decoding means coupled to said channel and adapted for receiving said ciphertext word 
signals Ca from said channel and for transforming each of said ciphertext word ^ 
signals to a receive message word signal M a, and 



means for transforming said receive message word signals M a to said message; where 

M*A corresponds to a number representative of a decoded form of Ca through a 
relationship of the form . i 



7. (Amended) A method of processing a message for use in cryptographic communications, 
comprising the steps of: 

developing a composite number, n, as a product of at least 3 whole number factors greater than 
one, the factors being distinct random prime numbers; and 

encoding a digital message word signal M to a ciphertext word signal G, where said digital 
message word signal M corresponds to a number representative of a message and 

0<M<nA, 

where said ciphertext word signal C corresponds to a number representative of an 
encoded form of said message through a relationship of the form 

C- ae +ae.i M^'^ +. . . +ao (mod n) 

where e and ae, ae-i, . . . , ao are numbers. 

8. (Amended) A method according to claim 7 wherein said encoding step further includes the 
step of 

transforming said digital message word signal M to said cipertext word signal C by the 

6 
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performance of a first ordered succession of inveritble operations on M, and 
wherein the method further comprises the step of: 

decoding said cipertext word signal C to said digital message word signal M by the performance 
of a second ordered succession of invertible operations on C, where each of the invertible 
operations of said second ordered succession is the inverse of a corresponding one of said 
first ordered succession, and where the order of said invertible operations in said second 
ordered succession is reversed with respect to the order of corresponding invertible 
operations in said first ordered succession. 



9. (Amended) A commimication system for processing message signals, comprising: 

j terminals including first and second terminals, each of the j terminals being characterized by an 
encoding key Ei =(ei, nO and decoding key Di =(di, ni), where i=l,2, . . . J, each.of the j 
terminals being adapted to transmit a particular one of the message signals where an i^^ 
terminal corresponds to an i'^ message signal Mi, and 

0<Mi<ni-l, 

Tii being a composite number of the form 
where 

k is an integer greater than 2, 

P/,u P/\2, . . . Pa are distinct random prime nxmibers, 

Cj is relatively prime to 

lcm(pi i-l, Pi 2-1 y . . -Arl), and 

di is selected from the group consisting of the class of numbers equivalent 
to a multiplicative inverse of 
Bi (mod(lcm((pi,i -1), (Pu -1), . . . , (pa -1)))); 
said first terminal including 
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means for encoding a digital message word signal Mi to be transmitted from said first 

terminal (i=l) to said second terminal (i=2), said encoding means transforming 
said digital message word signal Mi to a signed message word signal Mu using a 
relationship of the form 

Mj^ =M/*(modrt,) . 



10. (Amended) The communication system of claim 9 further comprising: 

means for transmitting said signed message word signal Mu from said first terminal to said 
second terminal, 

said second terminal including 
I means for decoding said signed message word signal M^ to said digital message word 

signal Ml using a relationship of the form 

I Mj =Mi/*(mod«j) . 

J 1 1 . (Amended) A communications system for transferring a message signal, the 
i communications system comprising: 

; j communication stations including first and second stations, each of the j communication 
Stations being characterized by an encoding key Ei=(ei, ni) and a decoding key Dj =(di, 
nO, where i=l, 2,. . . J, each of the j communication stations being adapted to transmit a 
particular one of the message signals where an i**" communication station corresponds to 
an i^^ message signal Mi, and 

0<Mi<nrl 

n, being a composite number of the form 

^Phi pia • • 'Pa 
where 
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k is an integer greater than 2, 

Pi,u Pi^, . . ' yPuk are distinct random prime nxmibers, 

ei is relatively prime to lcm(pi,i -l,pi^ -1, , . . ,pi,]c-l), and 

di is selected from the group consisting of the class of numbers equivalent to a 
multipHcative inverse of 

eKmod(lcm((pi;,-l),(p,;2 -!),..,, (p^^-l))^^^ , . 

said first station including 

means for encoding a digital message word signal Mi to be transmitted from said first ^ 
station (i=l) to said second station (i=2), 

means for transforming said digital message word signal Mi to one or more message 

. block word signals Mi", each block word signal Mi" being a number 

^ representative of a portion of said message word signal Mi in the range 

0<My"<«2-l,and 

means for transforming each of said message block word signals Mi " to a ciphertext < 
word signal Ci using a relatinship of the form 

Q ^M"/^(mod«2). 

12. (Amended) The communications system of claim 1 1 fiirther comprising: 

means for transmitting said ciphertext word signals Ci from said first station to said second 
station, 

wherein said second station includes 

means for decoding said ciphertext word signals Ci to said message block word signals 
Ml" using a relationship of the form 

M",^C/^(mod«2),and 
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means for transforming said message block word signals Mi" to said message word 
signal Ml. 

13, (Amended) A communications system, comprising: 
a first station; and 

a second station connected to the first station for communications therebetween, 
the first communicating station having 

encoding means for transforming a transmit message word signal M to a ciphertext word 
signal C where transmit message word signal M corresponds to a number 
representative of a message and 

. 0<M<n-\ 

n being a composite number formed as a product of at least 3 whole number 
factors greater than one, the factors being distinct random prime numbers, and 

where the ciphertext word signal C corresponds to a number representative of an 
encoded form of said message through a relationship of the form 

C= QeM^ M^~^ -f. . . +ao (mod n) 

where e and a^, a^-i, . . . , ao are numbers; and . . 

means for transmitting the ciphertext word signal C to the second station. 

14. (New) A method of processing a message for use in cryptographic communications 
comprising the steps of: 

selecting a public key portion e\ 

developing k distinct random prime numbers, px, /?2> . . . /?k, where A: > 5, and checking that each 
of the k distinct random prime numbers minus \, px-l, pi-l, . . , p^-\/\s relatively prime 
to the public key portion e\ 

computing a composite number, n, as a product of the k distinct random prime numbers; and 
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encoding a plaintext message data M to a ciphertext message data C using a relationship of the 
form C= (mod «), where 0<M<n-l . 

15. (New) The method according to claim 14, comprising the further step of: 
establishing a private key portion <i by a relationship to the public key portion e in the form of 

d^e-\modi(p, -i)<P2-^)-(P, -1))); and 

decoding the ciphertext message data C to the plaintext message data M using a relationship of 
the form ikfeC^ (mod m). 

16. (New) A method of processing a message for use in cryptographic communications 
comprising the steps of: 

selecting a public key portion e; 

developing k distinct random prime numbers, pup2, . . . p^, where k>3, and checking that each 
of the k distinct random prime numbers minus 1, /?i-l, p2-l, . . . /?k-l, is relatively prime 
to the public key portion e\ 

establishing a private key portion by a relationship to the public key portion e in the form of 



computing a composite number, n, as a product of the k distinct random prime numbers; 
obtaining a ciphertext message data C; and 

decoding the ciphertext message data C to a plaintext message data Af using a relationship of the 
form Afe (mod n). 

17. (New) The method according to claim 16, comprising the further step of: 

encoding the plaintext message data M to the ciphertext message data C, using a relationship of 
the form C= (mod «), where 0<M <«- 1 . 

11 
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18. (New) A method of processing a message for use in cryptographic communications 
comprising the steps of: 

selecting a public key portion e; 

developing k distinct random prime numbers, pi, pi, . . . p^,, where /t >5, and checking that each 
of the k distinct random prime numbers minus \,px-\,p2-\, . . . p^-l, is relatively prime 
to the public key portion e; 

establishing a private key portion d hya relationship to the public key portion e of the form 

d ^ e-' (mod((/?, - 1) . (p, - 1) . . . (p^ - 1))) ; 

computing a composite number, n, as a product of the k distinct random prime, numbers; 

encoding a plaintext message data M with the private key portion d to produce a signed message 
Ms using a relationship ofthe form MssM'' (mod n), where O^A/^-1. : u . 



19. (New) The method of claim 18 further comprising the step of: 

decoding the signed message Ms with the public key portion e to produce the plaintext message ^ 
data Musing a relationship ofthe form M=Afs^ (mod «). c 

20. (New) A method for increasing the efficiency of a cryptographic process; comprising the 
steps of: 

selecting a public key portion e; , 

developing k distinct random prime numbers, p\,p2,... Pk, where k>3,and checking that each 
of the k distinct random prime numbers minus l,/?i-l,p2-l, ■ . ./?k-l, is relatively prime 
to the public key portion e; 

computing a composite number, n, as a product of the k distinct random prime numbers; and 

encoding a plaintext message data M to a ciphertext message data C, using a relationship of the 
form C= (mod n), where O^M <h-l, 

whereby a computational speed of the cryptographic process is increased. 
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2L (New) The method according to claim 20, comprising the further step of: 
establishing a private key portion J by a relationship to the public key portion e in the form of 
d ^ e-' {mod{{p, - 1) . (jr,, - 1) . . . (p^ - 1))) ; and 

decoding the ciphertext message data C to the plaintext message data M using a relationship of 
the form Ms (mod n). 



22. (New) A method for increasing the efficiency of a cryptographic process, comprising the 
steps of: 

selecting a public key portion 

developing k distinct random prime numbers, px.pi,... pv,, where ^ > 5, and checking that each 
of the k distinct random prime nxmibers minus \, px-l^ pz-l, . . . p)c^/^s relatively prime 
to the public key portion 

establishing a private key portion by a relationship to the public key portion e in the form of 

t/se7Hmod((;7, -l).(jr7, -l)-..(;7, »1))); 

computing a composite number, n, as a product of the k distinct random prime nxmibers; 
obtaining a ciphertext message data C; and 

decoding the ciphertext message data C to a plaintext message data Musing a relationship of the 
form M=C'' (mod «), 

whereby a computational speed of the cryptographic process is increased. 



23. (New) The method according to claim 22, comprising the further step of: 

encoding the plaintext message data M to the ciphertext message data C, using a relationship of 
the form C=M^ (mod n), where (?<M <«-l. 
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24. (New) The method according to claim 20, wherein p and q are a pair of prime numbers 
the product of which equals n, and wherein the k distinct random prime numbers are each 
smaller than p and q, whereby for a given length of n it takes fewer computational cycles to find 
and check the K distinct random prime numbers that it takes to find and check the pair of prime 
numbers p and q. 



25. (New) The method according to claim 22, wherein p and q are a pair of prime numbers 
the product of which equals n, and wherein the k distinct random prime numbers are each 
smaller than p and q, whereby for a given length of n it takes fewer computational cycles to find 
and check the K distinct random prime numbers that it takes to find and check the pair of prime 
numbers p and q. u . 

26. (New) The method according to claim 24, wherein the developing and computing steps 
can be performed for n that is more than 600 digits long faster than heretofore possible with only 
the pair of prime nimibers p and q. 



27. (New) The method according to claim 25, wherein the developing, computing and^ 
encoding steps can be performed for n that is more than 600 digits long faster Jthan, heretofore 
possible with only the pair of prime nxmibers p and q. . c 

28. (New) The method according to claim 14, wherein p and q are a pair of prime numbers 
the product of which equals n, and wherein the k distinct random prime numbers are each 
smaller than p and q, whereby for a given length of n it takes fewer computational cycles to find 
and check the K distinct random prime numbers that it takes to find and check the pair of prime 
mmibers p and q. 
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29. (New) The method according to claim 28, wherein the developing and computing steps 
can be performed for n that is more than 600 digits long faster than heretofore possible with only 
the pair of prime numbers p and q. 



30. (New) The method according to claim 16, wherein p and q are a pair of prime numbers 
the product of which equals n, and wherein the k distinct random prime numbers are each 
smaller than p and q, whereby for a given length of n it takes fewer computational cycles to find 
and check the K distinct random prime numbers that it takes to find and check the pair of prime 
numbers p and q. . . < ^ 



31. (New) The method according to claim 30, wherein the developing and computing steps 
can be performed for n that is more than 600 digits long faster than heretofore possible with only 
the pair of prime numbers p and q. ^ 

32. (New) The method according to claim 18, wherein p and q are a pair of prime numbers 
the product of which equals n, and wherein the k distinct random prime nxmibers are each 
smaller than p and q, whereby for a given length of n it takes fewer computational cycles to find 
and check the K distinct random prime nimibers that it takes to find and check the pair of prime 
niunbers p and q. i i . 



33. (New) The method according to claim 32, wherein the developing and computing steps 
can be performed for n that is more than 600 digits long faster than heretofore possible with only 
the pair of prime numbers p and q. 



34. (New) The method according to claim 14, wherein a message processed in accordance 
with the method is compatible with two-prime RSA public key cryptography. 
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35. (New) The method according to claim 14, wherein a message processed in accordance 
with the method is compatible with two-prime RSA public key cryptography. 



36. (New) The method according to claim 16, wherein a message processed in accordance 
with the method is compatible with two-prime RSA pubUc key cryptography. 

37. (New) The method according to claim 18, wherein a message processed in accordance 
with the method is compatible with two-prime RSA public key cryptography. ) 

38. (New) The method according to claim 20, wherein message data processed in accordance 
with the method is compatible with two-prime RSA public key cryptography. ' ; 

39. (New) The method according to claim 22, wherein message data processed in accordance 
with the method is compatible with two-prime RSA public key cryptography. ^ ^ 

40. (New) ^ A cryptography method for local storage of data by a private key owner, 
comprising the steps of: . , 

selecting a public key portion e\ -r 

developing k distinct random prime nxmibers, pu pi, - * - Pk, where k >3, and checking that each 
of the k distinct random prime nxunbers minus 1, /?i-l, p2-l, - . - Pk-l, is relatively prime 
to the pubUc key portion e; 

establishing a private key portion by a relationship to the public key portion e in the form of 

d ^ e-' {mod{{p, - 1) . (^, - 1) . . . {p^ - 1))) ; 

computing a composite number, n, as a product of the k distinct random prime numbers that are 
factors of n, where only the private key owner knows the factors of n; 
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encoding plaintext data M to ciphertext data C for the local storage, using a relationship of the 
form C= (mod w), where 0<M <h-l. 

41. (New) The cryptography method in accordance with claim 40, further comprising the 
step of: 

decoding the ciphertext data C from the local storage to the plaintext data M using a relationship 
. of the form Af= (mod «). 

42, (New) A cryptographic communications system, comprising: 

a plurality of stations; ' 
a commimications mediimi; and 

a host system adapted to conduct encrypted communications with the plurality ^of stations via the 
communications medixun, the host system including 

at least one cryptosystem responsive to encryption and/or decryption requests from the 
host system, the cryptosystem being configured for 

^: developing k distinct random prime niunbers,/?i,/72, • . - A, where k>3, 

checking that each of the k distinct random prime numbers minus l,/7rl,/72-l, . . . 
/?k-l, is relatively prime to a public key portion e that is associated with the 
host system, 

computing a composite number, n, as a product of the k distinct random prime 
numbers, 

encoding a plaintext message data M producing therefrom a ciphertext message 
data C to be conmiunicated via the host system, the encoding using a 
relationship of the form C=M^ (mod n), where 0<M <«-!, 

establishing a private key portion d by a relationship to the public key portion e 

in the form ofd = (mod((pi - 1) • (/72 - 1) * " (Pk ~ 1))) » 
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decoding a ciphertext message data C communicated via the host producing 
therefrom a plaintext message data M using a relationship of the form 
C ^ (mod «), where C and M can be respectively C and M. 



43. (New) A system for processing a message used in cryptographic communications, 
comprising: 

a bus; and 

a cryptosystem operatively coupled to and receiving from the bus encryption and decryption 
requests, the cryptosystem being capable of ^ 

providing a pubUc key portion e, 

developing k distinct random prime numbers, pupi, - - - Pk, where ^ > 5, 

S> checking that each of the k distinct random prime numbers minus j92-l, . . . j^-l, 

3 is relatively prime to the pubUc key portion 

4 computing a composite nxmiber, «, as a product of the k distinct random prime numbers, 

- encoding a plaintext form of a first message M to produce a ciphertext form of the first 

- message C using a relationship of the form C= (mod «), where 0<M^'l, i 

Lj establishing a private key portion by a relationship to the public key portion e in the 

3 ^ form of d = e'^ (mod((p, - 1) • (/?2 - 1) • • • (Pk ~ 1))) ? 

decoding the ciphertext form of a second message C to produce the plaintext form of the 
second message Mousing a relationship of the form M= (mod n\ the first and 
second messages can be one and the same. 

44. (New) The system of claim 42, wherein the at least one cryptosystem includes 

a pluraUty of exponentiators configured to operate in parallel in developing respective 
subtask values corresponding to the message. 
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45. (New) The system of claim 42, wherein the at least one cryptosystem includes 
a processor, 
a data-address bus, 

a memory operatively coupled to the processor via the data-address bus, 

a data encryption standard (DES) xmit operatively coupled the memory and the processor 
via the data-address bus, 

a plurality of exponentiator elements operatively coupled to the processor via the DES 
unit, the plurality of exponentiator elements being configured to operate in 
parallel in developing respective subtask values corresponding to the message. . 



46. (New) The system of claini 45, wherein the memory and each of the plurality ^ of 
, exponentiator elements has its own DES unit that encrypts message data received/returned 
from/to the processor. 



47. (New) /; .The system of claim 45, wherein the memory is partitioned into address spaces 
addressable by the processor including secure, insecure and exponentiator elements address 
spaces, and wherein the DES unit that is coupled to the processor is configured to recognize the 
secure and exponentiator elements address spaces and to automatically encrypt message data 
therefrom before it is provided to the exponentiator elements, the DES imit being bypassed when 
the processor is accessing the insecure memory address spaces, the DES xmit being further 
configured to decrypt encrypted message data received from the memory before it is provided to 
the processor. 



48. (New) The system of claim 45, wherein the at least one cryptosystem meets FIPS 
(Federal Information Processing Standard) 140-1 level 3. 
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49. (New) The system of claim 45, wherein the processor maintains in the memory the 
pubUc key portion e and the composite number n with its factors px^pi^ . . ./?k. 



50. (New) A system for processing a message used in cryptographic commimications, 
comprising: 

a bus; and 

a cryptosystem receiving from the system via the bus encryption and decryption requests, the 
cryptosystem including 

a plurality of exponentiator elements configured to develop subtask values, ^ 

a memory, and 

a processor configured for 

' receiving the encryption and decryption requests, each encryption request 
providing a plaintext message M to be encrypted, each encryption request 
can additionally provide a public key that includes an exponent e and a 
representation of a modulus n in the form of its k distinct random prime 
number factors pup2, . . , Pk^ where ^ > 5, or the processor can obtain the 
public key from the memory, 

^ constructing subtasks to be executed by the exponentiator elements for producing 

' respective ones of the subtask values, Ci, C2, . . . Ck, and 

forming a ciphertext message C from the subtask values Ci, C2, . . . Ck. 

51. (New) The system of claim 50 wherein each one of the subtasks Ci, C2, . . . Ck is 
developed using a relationship of the form C,. = A//' (mod /? J , where M. =M(mod/?.), and 
e. = e{mod /?. - 1) , where i=l , 2, . . . k. 
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52. (New) A system for processing a message used in cryptographic communications, 
comprising: 

a bus; and 

a cryptosystem receiving from the system via the bus encryption and decryption requests, the 
cryptosystem including 

a pluraUty of exponentiator elements configured to develop subtask values, 

a memory, and 

a processor configured for 



53. (New) The system of claim 52 wherein when produced each one of the subtasks Ci, C2, . 
. . Ck is developed using a relationship of the form C,. = Mp (mod p^), where Q = C(mod p^) , 
and e- = e(mod p- - 1) , where i=l , 2, . . . k. 

54. (New) The system of claim 52 wherein when produced each one of the subtasks Mi, M2, 
. . . Mk is developed using a relationship of the form il/. = C/' (mod/?.), where 
M. = M(mod p.) , and . = J(mod p. - 1) ,where i=l, 2, . . . k. 
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receiving the encryption and decryption requests, each encryption/decryption 
request providing a plaintext/ciphertext message M/C to be 
encrypted/decrypted and can additionally provide a public/private key that 
includes an exponent e/d and a representation of a modulus n in the form^ 
of its k distinct random prime nxmiber factors pup2, ■ - . j^k, where k>3, or 
the processor can obtain the pubHc/private key from the memory, 



constructing subtasks to be executed by the exponentiator elements for producing 
respective ones of the subtask values, Mu M2, . . . My^JCu C2, . . . Ck, and 



forming the ciphertext/plaintext message C/M from the subtask values C/, C2, 

Ck/My,M2,...Mk. . 
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55. (New) The system of claim 54, wherein the private key exponent d relates to the public 
key exponent e via = (mod((/?j - 1) • - 1) • " {Pk ~ 1))) • 

56. (New) A system for processing a message used in cryptographic communications, 
comprising: 

means for selecting a public key portion e\ 

means for developing k distinct random prime numbers, p\, P2, * - - Pk, where k > 3, and for 
checking that each of the k distinct random prime numbers minus 1, • • ■ />ic-l, 

is relatively prime to the public key portion e; 

means for establishing a private key portion J by a relationship to the public key portion e in the 

form' of ^ e-\mod((;?, - 1) . (P2 - 1) •••(/>,- 1») ; 

means for computing a composite number, n, as a product of the k distinct random prime 
numbers; j ^ 

means for obtaining a ciphertext message data C; and 

means for decoding the ciphertext message data C to a plaintext message data M using a 
relationship of the form Af= C*^ (mod «). 

57. (New) The system according to claim 56, further comprising: 

means for encoding the plaintext message data M to the ciphertext message data C, using a 
relationship of the form (mod w), where 0<M<nA. 

58. (New) A system for processing a message used in cryptographic communications, 
comprising: 

means for selecting a public key portion e; 
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means for developing k distinct ranidom prime numbers, pu Pi, * - - Pk, where k > 3, and for 
checking that each of the k distinct random prime numbers minus 1, pi-l, pi-l, . . . />k-l» 
is relatively prime to the public key portion e; 

means for establishing a private key portion d by relationship to the public key portion e of the 
form d 3 e'' (mod((p, - 1) . (p, - 1) . . . (p^ . 1))) ; 

means for computing a composite number, «, as a product of the k distinct random prime 
nimibers; 

means for encoding a plaintext message data M with the private key portion d to produce a 
signed message Ms using a relationship of the form Ms= (mod «), where 0< M <h-l 

59. (New) The system of claim 58 further comprising the step of: 

means for decoding the signed message Ms with the private key portion e to produce the plaintext 
message data Musing a relationship of the form Ms Ms^ (mod w). 



60, (New) . The system of claim 57, wherein the system can conduct encrypted 
communications with other public key cryptography system that encrypt/decrypt data nising a 
modulus value equal to n independent of the k distinct prime numbers. : ^ 



61. (New) The system of claim 59, wherein the system can conduct encrypted 
communications with other pubUc key cryptography systems that encrypt/decrypt data using a 
modulus value equal to n independent of the k distinct prime numbers. 
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